www.wtnzfox43.com Open in urlscan Pro
2606:4700:4400::6812:27f7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wtnzfox43.com/
Submission: On October 26 via api (October 26th 2022, 1:54:36 am UTC) from SG — Scanned from DE

Summary HTTP 209 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 30 domains to perform 209 HTTP transactions. The main IP is 2606:4700:4400::6812:27f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wtnzfox43.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on March 2nd 2022. Valid for: a year.

This is the only time www.wtnzfox43.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:440... 2606:4700:4400::6812:27f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:440... 2606:4700:4400::ac40:94e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::ac40:939e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2606:4700:440... 2606:4700:4400::ac40:948a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::6812:2862	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:d::1737:6ea4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
9	20.60.81.107 20.60.81.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5 12	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.120.71.147 3.120.71.147	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
3 3	3.124.240.3 3.124.240.3	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
209	40

9 2606:4700:4400::6812:27f7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wtnzfox43.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:94e4 (United States)

ASN13335 (CLOUDFLARENET, US)

ngw-static.franklyinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:939e (United States)

ASN13335 (CLOUDFLARENET, US)

ftpcontent.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ftpcontent6.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700:4400::ac40:948a (United States)

ASN13335 (CLOUDFLARENET, US)

wtnz.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stacker.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prsubmitpresslifestyle.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cntsyncont.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wdfx.images.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2862 (United States)

ASN13335 (CLOUDFLARENET, US)

content.worldnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.71.147 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-71-147.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.240.3 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-240-3.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	worldnow.com ftpcontent.worldnow.com — Cisco Umbrella Rank: 144531 ftpcontent6.worldnow.com wtnz.images.worldnow.com content.worldnow.com — Cisco Umbrella Rank: 162670 stacker.images.worldnow.com prsubmitpresslifestyle.images.worldnow.com cntsyncont.images.worldnow.com wdfx.images.worldnow.com	2 MB
42	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	567 KB
32	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317 ad.doubleclick.net — Cisco Umbrella Rank: 185	243 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	328 KB
11	franklyinc.com ngw-static.franklyinc.com — Cisco Umbrella Rank: 158251	1 MB
9	windows.net citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 28840	270 KB
9	wtnzfox43.com www.wtnzfox43.com	150 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	247 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 secure.adnxs.com — Cisco Umbrella Rank: 438	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	3 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9427	109 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2668 www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 409 rtb.openx.net — Cisco Umbrella Rank: 1521	768 B
3	gstatic.com fonts.gstatic.com	75 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	129 KB
3	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 32977 p.cityspark.com — Cisco Umbrella Rank: 22523	25 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	795 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 627	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 765	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1137	344 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	128 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	31 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 740	761 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	191 B
1	azureedge.net csp.azureedge.net — Cisco Umbrella Rank: 29972	61 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	29 KB
209	30

	Domain	Requested by
23	pagead2.googlesyndication.com	bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com ad.doubleclick.net s0.2mdn.net pagead2.googlesyndication.com securepubads.g.doubleclick.net
21	wtnz.images.worldnow.com	www.wtnzfox43.com wtnz.images.worldnow.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net s0.2mdn.net pagead2.googlesyndication.com
12	s0.2mdn.net	www.wtnzfox43.com s0.2mdn.net ad.doubleclick.net
12	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
12	cntsyncont.images.worldnow.com	www.wtnzfox43.com
11	ngw-static.franklyinc.com	www.wtnzfox43.com ngw-static.franklyinc.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.wtnzfox43.com
9	citysparkstorage.blob.core.windows.net	www.wtnzfox43.com
9	www.wtnzfox43.com	ngw-static.franklyinc.com
7	www.googletagservices.com	content.worldnow.com securepubads.g.doubleclick.net bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com www.googletagservices.com ad.doubleclick.net
6	ftpcontent.worldnow.com	www.wtnzfox43.com content.worldnow.com
4	googleads4.g.doubleclick.net	www.wtnzfox43.com ad.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com www.wtnzfox43.com
4	www.google.com	securepubads.g.doubleclick.net bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com tpc.googlesyndication.com
4	stacker.images.worldnow.com	www.wtnzfox43.com
3	x.bidswitch.net	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.wtnzfox43.com
3	fonts.gstatic.com	fonts.googleapis.com
3	content.worldnow.com	wtnz.images.worldnow.com
2	ups.analytics.yahoo.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.doubleverify.com	securepubads.g.doubleclick.net www.wtnzfox43.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	prsubmitpresslifestyle.images.worldnow.com	www.wtnzfox43.com
2	p.cityspark.com	cdn.cityspark.com
2	fonts.googleapis.com	ftpcontent.worldnow.com client
2	www.googletagmanager.com	www.wtnzfox43.com
2	cdnjs.cloudflare.com	www.wtnzfox43.com cdn.cityspark.com
2	maxcdn.bootstrapcdn.com	www.wtnzfox43.com
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	ad.doubleclick.net	www.googletagservices.com
1	secure.adnxs.com	1 redirects
1	rtb.openx.net	bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
1	p.rfihub.com	1 redirects
1	pixel-sync.sitescout.com	bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	csp.azureedge.net	cdn.cityspark.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	wdfx.images.worldnow.com	www.wtnzfox43.com
1	region1.google-analytics.com	www.googletagmanager.com
1	imasdk.googleapis.com	content.worldnow.com
1	cdn.cityspark.com	www.wtnzfox43.com
1	code.jquery.com	www.wtnzfox43.com
1	ftpcontent6.worldnow.com	www.wtnzfox43.com
209	52

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
portal.cityspark.com
www.grittv.com
www.bouncetv.com
publicfiles.fcc.gov
www.aboutads.info
www.franklymedia.com

Subject Issuer	Validity	Valid
www.wtnzfox43.com Cloudflare Inc RSA CA-2	`2022-03-02` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
images.worldnow.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cityspark.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 01	`2022-08-18` - `2023-08-13`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.wtnzfox43.com/
Frame ID: 667DF579243A2B4A65D1EEA7A6925D34
Requests: 119 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus318e9Vw9Ds1EmclzhfkZYZQ2RRIxk-0mNj7IRxqCO0-KSv36KG34stSMulEQhQKcmdJSJKnQF0H_KOD9Nqj51d7NuKX1EE7SeyzIpgBx-Qv5YTqQlgt-yVUIYaUUTyrB1iBZ8kTwkZEfzTJCIrn7lPtI-AAfuOrIjVYS_oetjGPGQCmSa1xxk1mG88C990QqU2KUqIxfUCyiuludczscDLsJ1LtcrmOk4jVTTNi6BKuZvdhB2n4sdr_dKIAdEHTK1q94VsceG9aty6BipEQykD_jo3iA_xITlxSyE4BQ5h9BB8MWE7TJu3rJtvlvNIjgqcwDVj3OK3asXD2AU7urryfdZK9aoLDe1Y4B216s1UG_&sai=AMfl-YRe02QWt-AtlU2lcvkrLFkjVfyKIfHQgAQFdfckz7yYuXWFGQve_kL1v5S29vmzRtg8f5_ongiUHKeNzYEPybZx1kKdxb-uQ8IXCrae67ECuqW25lR20FnNrDmHi78p7ODE&sig=Cg0ArKJSzFSqis9l8E16EAE&uach_m=[UACH]&adurl=
Frame ID: 409222A2BA40A692D8F0D0EE39CAEC88
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 8B31FBD7822C551EA7AFBC14DE2139D0
Requests: 3 HTTP requests in this frame

Frame: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9BB99B284E4AAD6BB1BA431C20C1880A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVjVUwzZoSS_ais2jeBf-Ezug8g4HNKZeGvwVTC34xS3zX-TK764brIuLEgFpiY7-hg4QaSaRkGE9_qExAwa0wOtmVhcPhW3xS4Bau57ILXyV_5NsVSBv54dsIl70v9viJFLqQMV_Dy7nmpfhOSM7k7uMdF3qI85sUBZbNNoaYVERjg-hI
Frame ID: 1C5646DA306D823246296DF4C6B60487
Requests: 5 HTTP requests in this frame

Frame: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 79650CC11876560116D49260999336F8
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COsBEML8nAEYjKqv1gEwAQ&v=APEucNU4Eimn3eXcXaaPuEY-S-mDyxbhMg29YdAp7Eo7YI6PJBAxblhzVsjVoWWu3CBX-iAVy3Q-63szUqEUSmrQF8zwrCp-0vIXxmT6kOb_ROspGlQtZ2qxQIb0Yz7dcHqHI9OtbzId-VXiTLtGMG0YNCcBkWkg5r94UG2I2wT3PL7vpIb5ZKQ
Frame ID: F5B3EB9FD74CE66080077DF7C25B85D4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 709A88668F35A14CDF8744BF1E379B70
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8130E99E1AEBC8BF235661A404B68FF7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C7801A9F6E83489C7B03C088832A971E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
Frame ID: E606742B4A54CF86FA458231DAA9E30A
Requests: 12 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N5378.3665442DV360/B28634677.349103066;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2923430905;ord=ht1rvz;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCReTaVpNYY6etF5SpgQeJ4r2QBbj96YNt3NuY-sgQn6bjwOw1EAEguoj7JWCVuq2CtAegAaCEt4EDyAEJqQJLPTa-frawPqgDAaoE-gFP0PJgFQxtnNUdatBAT-AW79XQ-s8EwcSiJAjZ-UgAT4j8nITQ-1PeJiAZH_5vG9E0W3l9MaLvPs-TSJotG8wylEt_DQPeVvMwtccIn_HoqyCiK9y3USQbDbBSPtZtEzoX69Qy74bIhDPI_K11Wpw8rHbbJPhH-B_z4rSHpKicmdOgOINYCPATi9OkIUYw3UwG7QZTu_B3Zps0hWS9oiO319o4zhNM2cG4jW2hFuaYYPQ-RRQLl_ACC0sh72jdyD4CzyQizLpe4y09vyZeCCdxyUqZxw3LVDqsGGuSVLE2sjVubzihw6ZdBS3NInWU3nWH9IPzhmwNCANUwATTgcXInQTgBAOQBgGgBk2AB8j7yH6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAzgAoDmAsByAsBgAwBsBOw5PQQ2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoF-q3ecYvYYNAZqfQtznlTWrv1iSxg5adfJeXWGrZmAANF2X9Ew%26sig%3DAOD64_39-qk_8JM1h6KTlW3DosK7YNDViA%26client%3Dca-pub-6042373951237502%26dbm_c%3DAKAmf-A8yRUm0vdrb--tfkf6ovEhPNnEsftjuTouadA8jJv9UTwjqfmzY2_6U9ruxIxFM2dnFV-Zl11-f_agCT1Vz8PWtQJk2FOuwD0y-GWd6-r9yLIq2GHiGlasAI84AStzKa7pW0RDvqKkJuaEze4rzzzbbRgJzZjUuIyqzdBEhXkTv6cgGiI%26cry%3D1%26dbm_d%3DAKAmf-CsWWDo353mYM_8rmGCBcpmOSe7qv1LevOCKBs_F08EL4eZbF3ll2AbgNMvnIGYS0VXnpPos2644IjyvHclZHPTSRo1auq6BS0GCSP2D-NRV0xiep0jw0el2gl9koU5pMK-xV6eITytWi-Sc68Ps0xYoriCOTmBvPOpKv2MHgd9tPT1uzsB-16BDO3pAfu2r81A781140tjbukHrWjaZLGGkSWdCMZGIKnIqWKvo1b3E3BBd6Z9UX-4zJ8tbKHjHzppxQ6QBhpTpCX4y4q6p5XjuryRs7QraO8PmaPZ2ugSKJcJ65Z32zP6FEHSrin3QWDOBH1xGz39gapuZ--Kk-vw4qRtoMNx7lTVnsug3VpdOujV2z74hAJ43vF3fo8aJpcWwe8To2CS41jxnGGac-JyNpSSJH0rVjEFMLl30MCupyJlxxO1UPXpNkAuEu3cSz9hCHdrZZH3DStzQfrp5KS21SJtA5xR-hoUZ9tQlO5OOKmA5k5Y7Uo5KrAkCQB_TIfsioQdiNU33s5fVgfRJaE1OzaLhInnTRQFUsV0J-p82BLlZgs%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wtnzfox43.com%2F$0;xdt=1;crlt=9VlA7lWQWF;stc=1;chaa=1;sttr=53;prcl=s
Frame ID: B25C84BC30A56B207E285B2CDE99F8D8
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA220420AD858A88339C47AF50F501FE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
Frame ID: DFD0142E260F924DBF76CB17FA9CE9C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
Frame ID: 2D05D11C3AFDCBAD0097CD95749CF6A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09B5299D064DAA128A6A3D35F03076E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5AB19E026E75B6F3F3B643F79830BF2B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - WTNZ Fox43 - WTNZ - Fox43Arrow LeftArrow Right

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

209
Requests

95 %
HTTPS

60 %
IPv6

30
Domains

52
Subdomains

40
IPs

7
Countries

5894 kB
Transfer

15249 kB
Size

28
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/FOX43WTNZ

Search URL Search Domain Scan URL

URL: https://twitter.com/Fox43Knox

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fox43wtnz/

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/WTNZ
Title: Add Your Event

Search URL Search Domain Scan URL

URL: https://www.grittv.com/

Search URL Search Domain Scan URL

URL: https://www.bouncetv.com/

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/4f427edc-6126-fa68-8042-b142249eeb90/7a61c57b-28e3-4ebd-aa52-6874614c7131.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WTNZ
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.franklymedia.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKywXGI-sWgW8141WbS5DOM&google_cver=1

Request Chain 118

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iTVuu.hkMCSZOtllLuVAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKywXGI-sWgW8141WbS5DOM&google_cver=1&google_hm=2

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECBvXq8n1YBZdvugXUoC6KU&google_cver=1

Request Chain 120

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEyMDA3NTI2NjI4NDc3ODI4NA%3D%3D

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSY2vw4vAYHpgwCCjWV-28&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJ1JbjK-7a5PJbZ66bYj-W4&google_cver=1

Request Chain 142

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIB_82jJcRMyyQkgHgnNK2s&google_cver=1&google_push=AZmPxg9xGw-MzqUPlKlJUMtt2QJZG-tguHrXlJc-6dppTIO4pMw8kRk2kBjDYPBOsEzHTSdCNcaBeerS8n2YBASaHyShu_pj9A HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIB_82jJcRMyyQkgHgnNK2s&google_cver=1&google_push=AZmPxg9xGw-MzqUPlKlJUMtt2QJZG-tguHrXlJc-6dppTIO4pMw8kRk2kBjDYPBOsEzHTSdCNcaBeerS8n2YBASaHyShu_pj9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dnR0UFN0VzYxT052Q0w1&google_gid=CAESEIB_82jJcRMyyQkgHgnNK2s&google_cver=1&google_push=AZmPxg9xGw-MzqUPlKlJUMtt2QJZG-tguHrXlJc-6dppTIO4pMw8kRk2kBjDYPBOsEzHTSdCNcaBeerS8n2YBASaHyShu_pj9A

Request Chain 144

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOe3OgNdNOtJSDNDHeH6o2k&google_cver=1&google_push=AZmPxg_iB0johpW5bXCJFnVkYm5DwpZvuUYjTsFm7Lvbcui9I2W93FxpP1hq3KmR07Ytfjvxa4gjgGV4NpVVrDOFECZOkTkkiw8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOe3OgNdNOtJSDNDHeH6o2k&google_cver=1&google_push=AZmPxg_iB0johpW5bXCJFnVkYm5DwpZvuUYjTsFm7Lvbcui9I2W93FxpP1hq3KmR07Ytfjvxa4gjgGV4NpVVrDOFECZOkTkkiw8 HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5123196423682171009&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_iB0johpW5bXCJFnVkYm5DwpZvuUYjTsFm7Lvbcui9I2W93FxpP1hq3KmR07Ytfjvxa4gjgGV4NpVVrDOFECZOkTkkiw8&google_hm=xUIJ6JfBT9uk7w_imqIAYA==

Request Chain 145

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEETFZJ4_WjZixjmNgRwhRds&google_cver=1&google_push=AZmPxg8Qlx12h2G0foaTDemJXyFl5q8nlSR2c9B0CPbg68FPUUULhKhCW9UojpvQlETBLtXXaCLJjjmSaOIosRUcbxYVfe0Zbvg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEETFZJ4_WjZixjmNgRwhRds&google_cver=1&google_push=AZmPxg8Qlx12h2G0foaTDemJXyFl5q8nlSR2c9B0CPbg68FPUUULhKhCW9UojpvQlETBLtXXaCLJjjmSaOIosRUcbxYVfe0Zbvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYxODE0NjE4NDQ1NTAxNDM0Mw&google_push=AZmPxg8Qlx12h2G0foaTDemJXyFl5q8nlSR2c9B0CPbg68FPUUULhKhCW9UojpvQlETBLtXXaCLJjjmSaOIosRUcbxYVfe0Zbvg

Request Chain 147

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBRBqtATHJEEox6z36Og86s&google_cver=1&google_push=AZmPxg_7x63cvLiHmxFRCyVA7gO7J_v6Hik4bnwkH2hjM-1LPlIYcjs6R_ex6JJVzWhutphg_XnGxBpcLxRccvJZylUhy-D82mBh HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBRBqtATHJEEox6z36Og86s&google_cver=1&google_push=AZmPxg_7x63cvLiHmxFRCyVA7gO7J_v6Hik4bnwkH2hjM-1LPlIYcjs6R_ex6JJVzWhutphg_XnGxBpcLxRccvJZylUhy-D82mBh&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IQ0VhZkZSRTJ1SEo4NG1tZEdfMzVudEFhdXJFRXZ3Mn5B&google_push=AZmPxg_7x63cvLiHmxFRCyVA7gO7J_v6Hik4bnwkH2hjM-1LPlIYcjs6R_ex6JJVzWhutphg_XnGxBpcLxRccvJZylUhy-D82mBh

Request Chain 148

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBpCW7a0fhxsabGcqCSaRm8&google_cver=1&google_push=AZmPxg9oz1vgtifZSpZgbAGEMqA-EA1RoTS9g_jGBoP4qwJ9TdvXKLbVy_9GVP_Ky8TxNgSM5W-8jB9krXTYHLZHRw6iCbzI_ReS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTEyMDA3NTI2NjI4NDc3ODI4NA%3D%3D&google_gid=CAESEBpCW7a0fhxsabGcqCSaRm8&google_cver=1&google_push=AZmPxg9oz1vgtifZSpZgbAGEMqA-EA1RoTS9g_jGBoP4qwJ9TdvXKLbVy_9GVP_Ky8TxNgSM5W-8jB9krXTYHLZHRw6iCbzI_ReS

209 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.wtnzfox43.com/ 1 MB
140 KB 615ms
343ms Document
text/html 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cae24bc1a8643ec77317e60407b95333dc7dac134336f718a9549d07e65acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=120
cf-cache-status: EXPIRED
cf-ray: 75ff90697f9c5c1a-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 01:54:27 GMT
expires: Wed, 26 Oct 2022 01:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-response-time: 160ms
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 140ms
50ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 20676095
cdn-cachedat: 02/17/2022 20:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 441a5c346e6138207e493340368ec0b9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff906c49959b64-FRA
cdn-requestpullsuccess: True

GET
H2 200 app-880153a8c78c9ac87b50.css
ngw-static.franklyinc.com/assets/10763/ 306 KB
49 KB 160ms
55ms Stylesheet
text/css 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 572A5GENXQFR4J4N
age: 777
etag: W/"e58a5be0290fe66e326bf427d75c83fe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff906c6d9b6904-FRA
x-amz-id-2: HrhZdW0xvFnyvhu6q1GyiCPuk15P5ZaNDq8XVFTmM5YyZMvd9hmgt3UAim6/2tkvz8w3xVwI/hw=
expires: Thu, 26 Oct 2023 01:54:27 GMT

GET
H2 200 custom-global-breaking-template.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 6 KB
2 KB 155ms
47ms Stylesheet
text/css 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/custom-global-breaking-template.css
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 13:40:44 GMT
server: cloudflare
x-amz-request-id: 4PRKD2KRDC45M7R2
age: 11
etag: W/"4b357b45b8d5b6f57aefc58b78723684"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff906c6bb99b33-FRA
x-amz-id-2: XUxX7mfJIzaym+hW1DIFoiBqQ3n7kWIDW6t7YSN68jbrfYWyVpcTKACPoX2snBUwUkmvfEJD+lk=
expires: Wed, 26 Oct 2022 01:59:27 GMT

GET
H2 200 logo.css
ftpcontent.worldnow.com/professionalservices/globalcss/ 3 KB
1 KB 260ms
152ms Stylesheet
text/css 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 19:27:28 GMT
server: cloudflare
x-amz-request-id: TYKE0GJREMYR9VHS
etag: W/"498e7c8c50bbb38d5b281f7ad6edd08c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff906c6bba9b33-FRA
x-amz-id-2: CDEy7a5l9Z/DXGsunJHvvlYYTeMu6SNm9GMRAbpBPlvpcrJcwMbXmUB6JDa/hSEYJ4lymzdIDvw=
expires: Wed, 26 Oct 2022 01:59:28 GMT

GET
H2 403 Derrick.css
ftpcontent6.worldnow.com/wrde/ 0
0 147ms
43ms Stylesheet
text/html 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 wrde_ngw.css
ftpcontent.worldnow.com/professionalservices/clients/wrde/ 5 KB
2 KB 156ms
49ms Stylesheet
text/css 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/clients/wrde/wrde_ngw.css
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Jul 2020 14:00:46 GMT
server: cloudflare
x-amz-request-id: JQ60H0VPB4SZ8D12
age: 22
etag: W/"8d5d25c637f71dec04c5a416682b6a1a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 75ff906c6bbc9b33-FRA
x-amz-id-2: dyIrnrtPEedvaM1zfAsG0X1a/6kyM38FRj2qWSGDhcE+i4whg/yVLoZ4Ktead+GZRWmZUozxpl8=
expires: Wed, 26 Oct 2022 01:59:27 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 147ms
53ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:27 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e55"
vary: Accept-Encoding
x-hw: 1666749267.dop122.fr8.t,1666749267.cds286.fr8.hn,1666749267.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
11 KB 133ms
46ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 20684344
cdn-cachedat: 11/05/2021 16:36:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bfa40aed2fbee600eecd4f43bc8c0656
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75ff906c49969b64-FRA
cdn-requestpullsuccess: True

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/ 13 KB
5 KB 130ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/iframeResizer.contentWindow.min.js

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1356823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4430
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-349a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff906ebcdb923e-FRA
expires: Mon, 16 Oct 2023 01:54:28 GMT

GET
H2 200 WNVideo.js Show response
wtnz.images.worldnow.com/interface/js/ 2 KB
1 KB 153ms
53ms Script
application/x-javascript 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09061c6edd1088f5c30cc04c0a845762619c6407a339010738e6858486009435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Nov 2018 14:25:16 GMT
server: cloudflare
age: 4981
x-amz-request-id: MJ85PMASYY94BJF0
etag: W/"9725d80ca65bff6d5a14bd2d463057e5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff906c5bd79b39-FRA
x-amz-id-2: +SmCYHjDJVKqy220gI8jN2J8yHqXA+9MmJt80BqqOuIsTwvMfeXH1G/3wSTTzzJv5H/4i5DYXoU=
expires: Wed, 26 Oct 2022 05:54:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 142ms
59ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F3QMS4WPJ8

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22914c9c8272747308b2007c2c503aba865f7f05b81be326ed90f5b888df9fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76630
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 01:54:28 GMT

GET
H2 200 19743741_G.png
wtnz.images.worldnow.com/images/ 302 B
715 B 55ms
55ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19743741_G.png

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 302
cf-resized: internal=ok/h q=0 n=7 c=1 v=2022.9.3 l=302
last-modified: Tue, 21 Jul 2020 20:27:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf1rHaihBzeFqZs3PZWM9NBA:914cc4da7fcd377c33ea25b5d22256d5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff907168fb9b39-FRA

GET
H2 200 19743740_G.png
wtnz.images.worldnow.com/images/ 440 B
629 B 53ms
52ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19743740_G.png

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05dda2cb47317201eb228289f1316b7aa3803e8441a2a1d1d0374e4d52ebe642

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 440
cf-resized: internal=ok/h q=0 n=15 c=0+2 v=2022.10.4 l=440
last-modified: Tue, 21 Jul 2020 20:27:35 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfTZ9c0BMVjgtoz0wJut0VtA:6b506c56c835fb7d44338ddb2db1e652"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9071c9569b39-FRA

GET
H2 200 19743742_G.jpeg
wtnz.images.worldnow.com/images/ 11 KB
11 KB 50ms
50ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19743742_G.jpeg

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e49738dac457f1c0b1b906c96da239b5b2361e4318a31b401487ac1dd89077

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 11269
cf-resized: internal=ok/h q=0 n=9 c=0+17 v=2022.10.4 l=11269
last-modified: Tue, 21 Jul 2020 20:28:09 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfyPdZnqZFALIa10A5YBz9dw:e94adaf046579cda47b24541deb31cbe"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9072199b9b39-FRA

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 193ms
38ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB9) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 524606
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (frc/4CB9)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 89709640-201e-0011-2b18-e462b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 app-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 4 MB
1 MB 52ms
52ms Script
application/javascript 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
x-amz-request-id: NPNVAF57W19CE3VX
age: 777
etag: W/"44626e575a5558bfc9f91d067b4272e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff906cde046904-FRA
x-amz-id-2: GPmy52xBLNc09P/6QbqKKS2mRr6A2rcouTt7G1KG3JA7JA1+8M/8Nc3Y75GNljI3puO9JxKi+i4=
expires: Thu, 26 Oct 2023 01:54:27 GMT

GET
H2 200 ccpa.js Show response
ftpcontent.worldnow.com/professionalservices/globalcss/ 1 KB
738 B 49ms
48ms Script
application/javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/ccpa.js
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 18:52:15 GMT
server: cloudflare
x-amz-request-id: 198R75XT5JT33DRC
age: 56
etag: W/"0ee412381eea4aba59e8a80ef1b33cb2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 75ff906d5caf9b33-FRA
x-amz-id-2: /iQgidryOrvVtJjI1/Swx+9OVfdjTD6O3nFF+grD/z8uLm9pdQrhvehg2aa3qFFYAJ48MMoBvTQ=
expires: Wed, 26 Oct 2022 01:59:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 131ms
46ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ftpcontent.worldnow.com
URL: https://ftpcontent.worldnow.com/professionalservices/globalcss/logo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ftpcontent.worldnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 01:36:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:54:28 GMT

GET
H2 200 off-platform.min.css
content.worldnow.com/global/css/_pub/ 89 KB
27 KB 156ms
47ms Stylesheet
text/css 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5
Requested by: Host: wtnz.images.worldnow.com
URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM02
server: cloudflare
age: 46001
etag: "0297a4baad2d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff906efb7cbb3e-FRA
content-length: 27881
expires: Wed, 26 Oct 2022 05:54:28 GMT

GET
H2 200 wtnz.config.js Show response
content.worldnow.com/global/js/_pub/ 12 KB
4 KB 623ms
514ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/wtnz.config.js?ver=7.15.0-5
Requested by: Host: wtnz.images.worldnow.com
URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba

Request headers

Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 16:12:54 GMT
wn: IISCOM01
server: cloudflare
age: 46001
etag: W/"0c7fc894caad71:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff906efb7fbb3e-FRA
expires: Wed, 26 Oct 2022 05:54:28 GMT

GET
H2 200 wnaffiliateconfig.js Show response
wtnz.images.worldnow.com/interface/js/ 40 KB
7 KB 54ms
54ms Script
application/x-javascript 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wtnz.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5
Requested by: Host: wtnz.images.worldnow.com
URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37b44dbe703be939b91a06b44e66fbbf69a357ab6c6f2617375041e0075870d1

Request headers

Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 14:38:10 GMT
server: cloudflare
age: 4981
x-amz-request-id: F1FN7KS30064X9NS
etag: W/"52c4723ddf243978491482165c1f7638"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75ff906e4d929b39-FRA
x-amz-id-2: vbnkFeZxii4OkRxCLB1yYfomnAjfzxPEvpLLvH6SpOZP2MZaimXhkrk0oxgW1sHiyha113eswTs=
expires: Wed, 26 Oct 2022 05:54:28 GMT

GET
H2 200 off-platform.min.js Show response
content.worldnow.com/global/js/_pub/ 2 MB
472 KB 168ms
59ms Script
application/x-javascript 2606:4700:4400::6812:2862
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Requested by: Host: wtnz.images.worldnow.com
URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b

Request headers

Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 19:49:46 GMT
wn: IISCOM01
server: cloudflare
age: 46001
etag: W/"0297a4baad2d81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75ff906efb82bb3e-FRA
expires: Wed, 26 Oct 2022 05:54:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 380 KB
127 KB 146ms
46ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129663
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:54:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
53 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

640df844e66ad8f2c4d75663b116f8215e878ac03e6be793dac3354126178377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53808
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:11:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 01:54:28 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 2iO5YNY.woff2
ngw-static.franklyinc.com/assets/10763/ 75 KB
76 KB 231ms
154ms Font
font/woff2 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/2iO5YNY.woff2
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Origin: https://www.wtnzfox43.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
cf-cache-status: HIT
x-amz-request-id: 5APGRMRS1YXYK29C
content-length: 77160
x-amz-id-2: BK6T6QT9YLhze5ClybOkHldXXeHGrmZrf1xJ1z/5j4TKi63YRhFDXy6pYvt7a3Q6e3gmBDf65lc=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff9072fda26931-FRA
expires: Thu, 26 Oct 2023 01:54:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 126ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wtnzfox43.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 420299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 134ms
46ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wtnzfox43.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 391175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 153ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F3QMS4WPJ8&gtm=2oeao0&_p=1395689748&cid=1805160477.1666749269&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666749268&sct=1&seg=0&dl=https%3A%2F%2Fwww.wtnzfox43.com%2F&dt=WTNZ%20-%20Fox43&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F3QMS4WPJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wtnzfox43.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3A8MZF4.png
ngw-static.franklyinc.com/assets/10763/ 145 B
337 B 48ms
48ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3A8MZF4.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
cf-cache-status: HIT
x-amz-request-id: SMJSVR4RNS8H0Y5Z
age: 1875
content-length: 145
x-amz-id-2: nrdiUQKjiI/m6xgi0byjhFERBUFz8hdDNT0b8VQQj7DR3ud5hupF59nW8tOmoAgFOJEpQRd0ppc=
last-modified: Tue, 05 Apr 2022 19:24:08 GMT
server: cloudflare
etag: "3a5fb08143e931aded1e59fa39c3d8ca"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff9072bb476904-FRA
expires: Thu, 26 Oct 2023 01:54:28 GMT

GET
H2 200 3sX1XaI.png
ngw-static.franklyinc.com/assets/10763/ 302 B
536 B 48ms
47ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/3sX1XaI.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:28 GMT
cf-cache-status: HIT
x-amz-request-id: WG6XQYE6RSV04GDA
age: 1875
content-length: 302
x-amz-id-2: Y+oowV0pZeOgXsyu5xjsQMs/ZIk2RHl6k5hr9APX2ByPGt72xZkBQPGgBNFh/o4WBgUZnDTkGmM=
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
etag: "21eed4c20a1e748a1637cf53696520c2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff9072bb496904-FRA
expires: Thu, 26 Oct 2023 01:54:28 GMT

GET
H2 200 4-a708c222c663fd6ca8a3.js Show response
ngw-static.franklyinc.com/assets/10763/ 145 B
364 B 52ms
52ms Script
application/javascript 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ngw-static.franklyinc.com/assets/10763/4-a708c222c663fd6ca8a3.js
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
x-amz-request-id: 2X6WG17SSX6D2GMY
age: 3563
etag: W/"c0729cee8a75fb948963d73ab873a79b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75ff90737bdb6904-FRA
x-amz-id-2: cv8YcQUVQ4w5EHXKYtIucydRREmd2zr1XZwp9IDhl9kI+WFKiJFdHB/94OVYt6h2yV2SAk1dyb0=
expires: Thu, 26 Oct 2023 01:54:29 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 147ms
45ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c6dce761e72309f05b20d64d404ca9798d126f01de528969d0b37f546bcd319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27344
x-xss-protection: 0
server: sffe
etag: "1374 / 625 of 1000 / last-modified: 1666747876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 01:54:29 GMT

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 32 KB
12 KB 705ms
191ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9924&callback=jsonp1666750073027
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4d45fdd380c77993c21d53f91081164c1ed5a4476f7fe346cfbb5b57db660ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2315
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 03:15:54 GMT

GET
H2 200 resources Show response
www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[0],/ 140 B
318 B 216ms
215ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef433318964493c3633452d864bd04c3ba138cde3cc448f5a67e6309dc405406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 129
x-xss-protection: 1; mode=block
x-response-time: 41ms
server: cloudflare
etag: W/"8c-8eMiPLS40hxRAM1//Nd1uyMEGkY"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff9074dcc45c1a-FRA
expires: Wed, 26 Oct 2022 01:57:29 GMT

GET
H2 200 resources Show response
www.wtnzfox43.com/api/componentInstances/routes[1].body[1].cols[1].components[0],/ 57 KB
7 KB 460ms
460ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/api/componentInstances/routes[1].body[1].cols[1].components[0],/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52538888302d08b9114a03db87f7009796143758b9aab538ec94bb064203c734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 6709
x-xss-protection: 1; mode=block
x-response-time: 291ms
server: cloudflare
etag: W/"e569-ZsIXvVVfzVPd/D7nmgnjwcI4uyc"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff9074fd215c1a-FRA
expires: Wed, 26 Oct 2022 01:57:29 GMT

GET
H2 200 status Show response
www.wtnzfox43.com/api/closings/ 15 B
136 B 246ms
246ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/api/closings/status

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2c2ea5065da01756d3890c77cfb78a8efc9ff5fff002ef58d7af9e5640deb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 15
x-xss-protection: 1; mode=block
x-response-time: 78ms
server: cloudflare
etag: "f-/bIYGMuMX5eJx+88HDS9T15FmIw"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
accept-ranges: bytes
cf-ray: 75ff90750d405c1a-FRA
expires: Wed, 26 Oct 2022 01:56:29 GMT

GET
H2 200 resources Show response
www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget,/ 840 B
564 B 357ms
357ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget,/resources

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f512135d32bd17b2662ea6e36a3e5ed0ee338a9d54bd0294e2a543d95214fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 460
x-xss-protection: 1; mode=block
x-response-time: 192ms
server: cloudflare
etag: W/"348-DxMM0CZX7C92RyRHMVztzihyywI"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff90751d415c1a-FRA
expires: Wed, 26 Oct 2022 01:57:29 GMT

GET
H2 200 19731324_G.png
wtnz.images.worldnow.com/images/ 26 KB
26 KB 54ms
52ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19731324_G.png?auto=webp&disable=upscale&dpr=2&height=70&fit=bounds

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d419cccf5c9dd96368919e7526da90913b9f3bff11dc4e0c43010e6282ae0fdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 26565
cf-resized: internal=ok/h q=0 n=14 c=71 v=2022.9.6 l=26565
last-modified: Wed, 29 Jul 2020 19:17:03 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfzSKlY2yLjm9aG3APXrOJwA:da568d830f07a77bd14eb1eb2468778c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90752c139b39-FRA

GET
H2 200 19735316_G.png
wtnz.images.worldnow.com/images/ 190 KB
190 KB 55ms
53ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19735316_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad5befcda38c3d70681342c7daf53e34a107982fcd8f5b1dcbba00b973a07fe4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 194631
cf-resized: internal=ok/h q=0 n=20 c=23+253 v=2022.10.4 l=194631
last-modified: Fri, 17 Jul 2020 21:22:31 GMT
cf-bgj: imgq:83,h2pri
server: cloudflare
etag: "cfA8HQrdRMYab1jrhzpWDEHw:68426079e5b3e6eb411d6b5ae27050a9"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90752c159b39-FRA

GET
H2 200 23544118_G.jpg
stacker.images.worldnow.com/images/ 5 KB
5 KB 130ms
95ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23544118_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666638602000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 4757
cf-resized: internal=ok/m q=0 n=89 c=3+15 v=2022.10.4 l=4757
last-modified: Mon, 24 Oct 2022 23:10:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf0cukACYdowFpMf7eFJKr2w:cbdc4aa9bf6c123a6f765b53e3b21bf4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90756c4b9b39-FRA

GET
H2 200 23535717_G.png
stacker.images.worldnow.com/images/ 16 KB
16 KB 95ms
60ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23535717_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666366693000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16557
cf-resized: internal=ok/h q=0 n=41 c=68+86 v=2022.10.4 l=16557
last-modified: Fri, 21 Oct 2022 19:38:14 GMT
cf-bgj: imgq:93,h2pri
server: cloudflare
etag: "cfSrOfD8OJYofZplFf9qNJog:93fa08b38e1552714c8aceab6fb55489"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90756c499b39-FRA

GET
H2 200 23521831_G.png
prsubmitpresslifestyle.images.worldnow.com/images/ 5 KB
6 KB 94ms
71ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prsubmitpresslifestyle.images.worldnow.com/images/23521831_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666184022000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a975ed5a70fb131883fd1ec66ed577c5e07b8e2cd14bdc540d4abc7ab879019e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5526
cf-resized: internal=ok/h q=0 n=16 c=20+43 v=2022.10.4 l=5526
last-modified: Wed, 19 Oct 2022 16:53:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfon1frnZmrn7l6OAn0CT9bA:168ac186cdf747f0126f0f3cb5ab5c5a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90754c369b39-FRA

GET
H2 200 23544648_G.png
cntsyncont.images.worldnow.com/images/ 17 KB
17 KB 93ms
72ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23544648_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666665299000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 17435
cf-resized: internal=ok/r q=0 n=58 c=9+37 v=2022.10.4 l=17435
last-modified: Tue, 25 Oct 2022 06:35:01 GMT
cf-bgj: imgq:95,h2pri
server: cloudflare
etag: "cfmlSA0QMXQQ-5qNtfkg2BPw:c6d3858b98ebb0ee4ac9425ba2679d78"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90754c2f9b39-FRA

GET
H2 200 23536586_G.jpg
cntsyncont.images.worldnow.com/images/ 5 KB
5 KB 93ms
72ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536586_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398869000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5303
cf-resized: internal=ok/h q=0 n=7 c=8+16 v=2022.10.4 l=5303
last-modified: Sat, 22 Oct 2022 04:34:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf2LFFhWyHgJ5snIxwnE3UbA:7ac48e8abecaa038cf18299156ee229f"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90754c319b39-FRA

GET
H2 200 23523184_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
6 KB 92ms
71ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23523184_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666222385000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5835
cf-resized: internal=ok/h q=0 n=24 c=8+14 v=2022.10.4 l=5835
last-modified: Thu, 20 Oct 2022 03:33:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ9BPHPHgNrAsWnWX4LWOng:b2c2c149e547d11af91a460af1bf2d50"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90754c309b39-FRA

GET
H2 200 19313808_G.jpg
wdfx.images.worldnow.com/images/ 10 KB
10 KB 94ms
72ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wdfx.images.worldnow.com/images/19313808_G.jpg?auto=webp&disable=upscale&width=300

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 10183
cf-resized: internal=ok/h q=0 n=42 c=0+24 v=2022.10.4 l=10183
last-modified: Mon, 06 Apr 2020 17:47:16 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfrDd2ro2RhurCnyR-_XbD1w:e9d429ee90f3d05de4962461e425af56"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90754c339b39-FRA

GET
H2 200 19788360_G.jpg
wtnz.images.worldnow.com/images/ 7 KB
7 KB 52ms
51ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19788360_G.jpg?auto=webp&disable=upscale&width=auto

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5cd4d7546e818f0ce9229dbc7b1cc82f25611fa60c5ad26cdf8e6e7195a418

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6710
cf-resized: internal=ok/h q=0 n=11 c=0+14 v=2022.10.3 l=6710
last-modified: Thu, 06 Aug 2020 19:33:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf6x7-XB2FS-yHLp5Omj-vVg:34b7b6a707b2c3ee4fa0b79d12644080"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90752c179b39-FRA

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 32 KB
12 KB 577ms
194ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=9924&callback=jsonp1666750215979
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8606e94137a3d18d44fd91d59b1bfe8b15907885e8de54a022cd3179f04130bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H2 200 videojs.ima.1.5.1-3.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 85 KB
17 KB 50ms
50ms Script
application/x-javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/videojs.ima.1.5.1-3.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: NZRM4483RH69D0GG
age: 23
x-amz-id-2: K1KNONMHA6wmypKnO+cPJlWAei5WVCId/wdzgtGXujgCDWfhJlFMWgjWdRRx/Slmxkj/odg2mrU=
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
etag: W/"8adaa86214cf79d9c87e21aed1384592"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff90753c1b9b33-FRA
expires: Wed, 26 Oct 2022 01:59:29 GMT

GET
H2 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 83ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 20:16:41 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
718 B 177ms
50ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wtnzfox43.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c33ab3251f254d347bf92d9f5a74b97dbe8fe2fe45cc892db3071c3e51c2218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:54:29 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 115ms
37ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 02:43:39 GMT

GET
H2 200 can-autoplay.3.0.0-1.js Show response
ftpcontent.worldnow.com/platform-files/plugins/ 8 KB
2 KB 47ms
47ms Script
application/x-javascript 2606:4700:4400::ac40:939e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpcontent.worldnow.com/platform-files/plugins/can-autoplay.3.0.0-1.js
Requested by: Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:939e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-meta-user-agent-id: professionalservices@s-d08b37440bfd4618b
x-amz-request-id: B8AM9CYMRAH9Y9DD
age: 22
x-amz-id-2: eca6aPQw7rl4nGiE2lh2Pmy+6eNnuCoUXMZmOvj3lME9nVr7De4z5SUsNTHJ/45EZ+xoCt2xGD0=
last-modified: Mon, 28 Oct 2019 19:35:47 GMT
server: cloudflare
etag: W/"cee92fb89ab4f849569bd1354aeb4618"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
cf-ray: 75ff9075cc909b33-FRA
expires: Wed, 26 Oct 2022 01:59:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 148ms
48ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-82494642-224&cid=1805160477.1666749269&jid=1787819472&gjid=868458678&_gid=217135678.1666749269&_u=aChAgUAjAAAAAEACM~&z=2052555333

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 01:54:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wtnzfox43.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1395689748&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wtnzfox43.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20-%20WTNZ%20Fox43%20-%20WTNZ%20-%20Fox43&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAjAAAAAAACM~&jid=1787819472&gjid=868458678&cid=1805160477.1666749269&tid=UA-82494642-224&_gid=217135678.1666749269&gtm=2wgao0WV2QLD&cg1=Homepage&cg2=null&cg3=null&cg4=wtnz&cd1=Lockwood%20Broadcast%20Group&cd2=GTM-WV2QLD&cd3=59&cd4=&cd5=&cd7=1666749269068&cd8=1666749269068.kr2asnqx&cd9=0&cd10=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&cd11=1418&cd12=wtnz&cd13=62&cd22=Homepage&cd32=ResponsiveWeb&z=1160418594

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 03:29:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80695
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 157ms
47ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wtnzfox43.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 147ms
48ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wtnzfox43.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 753 B
435 B 873ms
797ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1744550744521387&correlator=2410066162479540&eid=31068458%2C44768258%2C31070110%2C44772496&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Cweather&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=88x30&ifi=1&adks=3182753813&sfv=1-0-38&prev_scp=wnsz%3D124&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749269515&lmt=1666749269&dlt=1666749267764&idt=1716&adxs=1382&adys=44&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2F&frm=20&vis=1&psz=88x0&msz=88x0&fws=512&ohw=0&ga_vid=1805160477.1666749269&ga_sid=1666749270&ga_hid=1395689748&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb270ebd7674e1ef22e11c676f79e755154bc6b4f3ceff2fbdbabe3ccc4f301d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 405
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtnzfox43.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
13 KB 363ms
287ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1744550744521387&correlator=2410066162479540&eid=31068458%2C44768258%2C31070110%2C44772496&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&ifi=2&adks=556621095&sfv=1-0-38&prev_scp=wnsz%3D41&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749269522&lmt=1666749269&dlt=1666749267764&idt=1716&adxs=84&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2F&frm=20&vis=1&psz=1432x0&msz=1432x0&fws=0&ohw=0&ga_vid=1805160477.1666749269&ga_sid=1666749270&ga_hid=1395689748&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdde589a6fe11353d5aa27149892a0eb2364235c57b59be008cfc9fdabb4ae08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13428
x-xss-protection: 0
google-lineitem-id: 6084843041
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400723574
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtnzfox43.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
360 B 722ms
645ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1744550744521387&correlator=2410066162479540&eid=31068458%2C44768258%2C31070110%2C44772496&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=3&adks=3680785357&sfv=1-0-38&prev_scp=wnsz%3D246&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749269525&lmt=1666749269&dlt=1666749267764&idt=1716&adxs=84&adys=875&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2F&frm=20&vis=1&psz=1072x20&msz=1072x0&fws=0&ohw=0&ga_vid=1805160477.1666749269&ga_sid=1666749270&ga_hid=1395689748&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd5cb01f654a740a26942107c8bb0a2cbb42735353acd68f180295d3ba4f8d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtnzfox43.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 1141ms
1065ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1744550744521387&correlator=2410066162479540&eid=31068458%2C44768258%2C31070110%2C44772496&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=4&adks=2631301871&sfv=1-0-38&prev_scp=wnsz%3D43&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749269528&lmt=1666749269&dlt=1666749267764&idt=1716&adxs=1164&adys=328&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2F&frm=20&vis=1&psz=352x0&msz=352x0&fws=0&ohw=0&ga_vid=1805160477.1666749269&ga_sid=1666749270&ga_hid=1395689748&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40aa0e322fa316e3288d2f6156508eb903a0dd75f2b55bb85a3c566af06a5ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9164
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtnzfox43.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
363 B 514ms
439ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1744550744521387&correlator=2410066162479540&eid=31068458%2C44768258%2C31070110%2C44772496&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cloc-desktop%2Cwtnz%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=5&adks=2225329884&sfv=1-0-38&prev_scp=wnsz%3D346&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie_enabled=1&abxe=1&dt=1666749269531&lmt=1666749269&dlt=1666749267764&idt=1716&adxs=84&adys=2175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2F&frm=20&vis=1&psz=1072x0&msz=1072x0&fws=0&ohw=0&ga_vid=1805160477.1666749269&ga_sid=1666749270&ga_hid=1395689748&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d98695088c9aa468d4a0b44430109d7db5776940169ec99275238675dc593e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 333
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtnzfox43.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 19731324_G.png
wtnz.images.worldnow.com/images/ 6 KB
6 KB 50ms
48ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19731324_G.png?auto=webp&disable=upscale&width=180

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d9938e7a9a011bf288df644ac7987890b9f196e7e9548003ee84564e19d575

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6072
cf-resized: internal=ok/h q=0 n=10 c=17+52 v=2022.10.4 l=6072
last-modified: Wed, 29 Jul 2020 19:17:03 GMT
cf-bgj: imgq:96,h2pri
server: cloudflare
etag: "cfv7XI-9cY5vyCFMv1eliwLQ:da568d830f07a77bd14eb1eb2468778c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dcd9b39-FRA

GET
H2 200 23538527_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 56ms
54ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538527_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492378000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7925
cf-resized: internal=ok/r q=0 n=49 c=4+16 v=2022.10.4 l=7925
last-modified: Sun, 23 Oct 2022 06:32:59 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ_UGDutcYHj9sD2OctrBFQ:3735f9c74f0aa70c7cc6eecd73299060"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dd09b39-FRA

GET
H2 200 23536579_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 58ms
56ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23536579_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666398803000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8261
cf-resized: internal=ok/h q=0 n=57 c=33+29 v=2022.10.4 l=8261
last-modified: Sat, 22 Oct 2022 04:33:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf1ABno7LG6Qr_JeP26kPOFw:7a1752c7bd1d57fe09ae93db6b958529"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dd19b39-FRA

GET
H2 200 23522285_G.png
stacker.images.worldnow.com/images/ 16 KB
17 KB 61ms
59ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522285_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666195627000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 16690
cf-resized: internal=ok/h q=0 n=27 c=7+42 v=2022.10.4 l=16690
last-modified: Wed, 19 Oct 2022 20:07:09 GMT
cf-bgj: imgq:92,h2pri
server: cloudflare
etag: "cfqnnKfSXPbaZ3ZNp7zJULGA:10c7a9722e59986b3c276aaf52070a55"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dd29b39-FRA

GET
H2 200 23538179_G.png
prsubmitpresslifestyle.images.worldnow.com/images/ 3 KB
3 KB 55ms
53ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prsubmitpresslifestyle.images.worldnow.com/images/23538179_G.png?auto=webp&disable=upscale&width=180&lastEditedDate=1666483844000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbbfef54b7356d5976be2578760874b170b4fcbed606288da533c60e173e2e2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2982
cf-resized: internal=ok/h q=0 n=21 c=0+7 v=2022.10.4 l=2982
last-modified: Sun, 23 Oct 2022 04:10:45 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf4R9LQ5AS8QKZciMw8KCd5g:debdd5a5a82a34479fa2e0bc61fa293a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dd39b39-FRA

GET
H2 200 23542395_G.jpg
cntsyncont.images.worldnow.com/images/ 6 KB
7 KB 56ms
55ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23542395_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666607710000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6643
cf-resized: internal=ok/h q=0 n=14 c=8+33 v=2022.10.4 l=6643
last-modified: Mon, 24 Oct 2022 14:35:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfEknHVv2yFvHvZ81xMXuaHg:81c46f16217054073f3a98e771975693"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dd49b39-FRA

GET
H2 200 23499493_G.jpg
cntsyncont.images.worldnow.com/images/ 9 KB
9 KB 57ms
55ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23499493_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665797531000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 9362
cf-resized: internal=ok/r q=0 n=56 c=10+17 v=2022.10.4 l=9362
last-modified: Sat, 15 Oct 2022 05:32:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfprW84uaruG_N6C6EyJ11_A:cdaf8cf9639796b81112c0342c38b503"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dd59b39-FRA

GET
H2 200 23498073_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 59ms
58ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23498073_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665747135000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 7340
cf-resized: internal=ok/h q=0 n=32 c=17+22 v=2022.10.4 l=7340
last-modified: Fri, 14 Oct 2022 15:32:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfSoNXPw48_6-id_E4wAAVAg:1e1f8085f5e6f7827db91f1eaa0453f2"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dd79b39-FRA

GET
H2 200 23485935_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 58ms
57ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23485935_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665624698000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8024
cf-resized: internal=ok/r q=0 n=17 c=19+22 v=2022.10.3 l=8024
last-modified: Thu, 13 Oct 2022 05:31:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfkJbhmwlGYa8rFfywoAQS3A:d4a1bf597d0d1fc965c42753151f335c"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90771dd89b39-FRA

GET
H2 200 resources Show response
www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/ 840 B
528 B 233ms
233ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/resources?zipcode=37923

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f512135d32bd17b2662ea6e36a3e5ed0ee338a9d54bd0294e2a543d95214fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 460
x-xss-protection: 1; mode=block
x-response-time: 68ms
server: cloudflare
etag: W/"348-DxMM0CZX7C92RyRHMVztzihyywI"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff90775ff65c1a-FRA
expires: Wed, 26 Oct 2022 01:57:29 GMT

GET
H2 200 resources Show response
www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/ 841 B
605 B 598ms
598ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/resources?zipcode=37801

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c2e77bbcc2e76d4102450142ed2628537c5aeabb587074413177dc4d78c7370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 460
x-xss-protection: 1; mode=block
x-response-time: 431ms
server: cloudflare
etag: W/"349-PtRTRdb2LlX/jqZg87yQI2v4aT8"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff90775ff85c1a-FRA
expires: Wed, 26 Oct 2022 01:57:30 GMT

GET
H2 200 23477333_G.jpg
cntsyncont.images.worldnow.com/images/ 7 KB
7 KB 50ms
50ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477333_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509457000

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6885
cf-resized: internal=ok/h q=0 n=21 c=7+18 v=2022.10.4 l=6885
last-modified: Tue, 11 Oct 2022 21:30:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfsBOyQENXpj7YsNb7nr2T6Q:055cf492e00f3b5a5ef8e21cee83618d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff9077feaa9b39-FRA

GET
H2 200 12_rain_day_night.png
ngw-static.franklyinc.com/assets/static/ 3 KB
3 KB 151ms
150ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/static/12_rain_day_night.png
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 804f4da38e3688f66a21df5aef645a12677f9e3c9967891dd61e3e72967b465e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 16:03:58 GMT
server: cloudflare
x-amz-request-id: JS7EJTZW49HVMGEG
etag: "052ea0bb367cc169d383492e191c4fa9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75ff9077ffea6904-FRA
content-length: 3044
x-amz-id-2: +oO8w6H/sbHPse2f8KUb7h3Os42bkhv0DZ0sbEV1WCdY8FBcHXtiBN9/BkrYSQ8hQ7KXHFEl/G0=
expires: Wed, 26 Oct 2022 05:54:29 GMT

GET
H2 200 1HxTVSN.png
ngw-static.franklyinc.com/assets/10763/ 262 B
456 B 52ms
51ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/1HxTVSN.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
cf-cache-status: HIT
x-amz-request-id: 5H3C42FJ7B67KJ6S
age: 1875
content-length: 262
x-amz-id-2: RAu3cGvazSuqPlERVlGJsvxzzGQXHsGCEyRrSn0nvvqjle0mhNzILekE+LFodM2ETRLVdptTkkw=
last-modified: Tue, 05 Apr 2022 19:24:06 GMT
server: cloudflare
etag: "b3275baf43d3a9e28ba8e1856b5b342e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff9077ffec6904-FRA
expires: Thu, 26 Oct 2023 01:54:29 GMT

GET
H2 200 qX7G0Ix.png
ngw-static.franklyinc.com/assets/10763/ 267 B
438 B 51ms
50ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/qX7G0Ix.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
cf-cache-status: HIT
x-amz-request-id: 5H3F5YE4ZMKDFYJX
age: 1875
content-length: 267
x-amz-id-2: EizK6kXcnV0q4QzB8LAh2R/VU+zlvtWe2LMX3A/bnJ3jwHMopQJFz6g42NqrGGwDD8zA8VNSpiY=
last-modified: Tue, 05 Apr 2022 19:24:10 GMT
server: cloudflare
etag: "7c93283255679646ceb48b0a09e528ce"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff9077ffed6904-FRA
expires: Thu, 26 Oct 2023 01:54:29 GMT

GET
H2 200 ENmisP2.png
ngw-static.franklyinc.com/assets/10763/ 262 B
430 B 56ms
55ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/ENmisP2.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
cf-cache-status: HIT
x-amz-request-id: 5H37Y6HM7RTNJQ11
age: 1875
content-length: 262
x-amz-id-2: 3FJXyJR8yD7pZPTsXLUaQRtkdCC+zDGM0DENzIjne3CcFn2EJDGR1zRF+Eoyht3iSP8UJDuuhY8=
last-modified: Tue, 05 Apr 2022 19:24:09 GMT
server: cloudflare
etag: "2181a1a027aad6f2c0a77442ffe37662"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff9077ffef6904-FRA
expires: Thu, 26 Oct 2023 01:54:29 GMT

GET
H2 200 2LRxrU9.png
ngw-static.franklyinc.com/assets/10763/ 267 B
459 B 53ms
52ms Image
image/png 2606:4700:4400::ac40:94e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngw-static.franklyinc.com/assets/10763/2LRxrU9.png
Requested by: Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ngw-static.franklyinc.com/assets/10763/app-880153a8c78c9ac87b50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
cf-cache-status: HIT
x-amz-request-id: S69J9GAPZ0CWZJB8
age: 1875
content-length: 267
x-amz-id-2: 8yj2EmKgYGiBTvwJtu97xW54n584Vj/aodw4rxoxPU0IFFS8EAFlkW+uDxHCVT+AxUBOZ9BCgtU=
last-modified: Tue, 05 Apr 2022 19:24:07 GMT
server: cloudflare
etag: "3539134c74c2fa207b851387b14bf8db"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75ff9077fff76904-FRA
expires: Thu, 26 Oct 2023 01:54:29 GMT

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ 138 KB
61 KB 159ms
39ms Script
application/javascript 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 22:43:11 GMT
server: Microsoft-IIS/10.0
etag: "1d8a39c948c0162"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H3 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
938 B 86ms
45ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1723063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ff90791f7b8ff4-FRA
expires: Mon, 16 Oct 2023 01:54:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4092 0
0 82ms
82ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus318e9Vw9Ds1EmclzhfkZYZQ2RRIxk-0mNj7IRxqCO0-KSv36KG34stSMulEQhQKcmdJSJKnQF0H_KOD9Nqj51d7NuKX1EE7SeyzIpgBx-Qv5YTqQlgt-yVUIYaUUTyrB1iBZ8kTwkZEfzTJCIrn7lPtI-AAfuOrIjVYS_oetjGPGQCmSa1xxk1mG88C990QqU2KUqIxfUCyiuludczscDLsJ1LtcrmOk4jVTTNi6BKuZvdhB2n4sdr_dKIAdEHTK1q94VsceG9aty6BipEQykD_jo3iA_xITlxSyE4BQ5h9BB8MWE7TJu3rJtvlvNIjgqcwDVj3OK3asXD2AU7urryfdZK9aoLDe1Y4B216s1UG_&sai=AMfl-YRe02QWt-AtlU2lcvkrLFkjVfyKIfHQgAQFdfckz7yYuXWFGQve_kL1v5S29vmzRtg8f5_ongiUHKeNzYEPybZx1kKdxb-uQ8IXCrae67ECuqW25lR20FnNrDmHi78p7ODE&sig=Cg0ArKJSzFSqis9l8E16EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:54:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 4092 3 KB
2 KB 126ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4092 152 KB
46 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:29 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 4092 8 KB
4 KB 200ms
37ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400723574&splc=/43459271/loc-desktop/wtnz/web/homepage&adu=110729671&unit=728x90&btreg=6084843041138400723574&btadsrv=6084843041138400723574&ctx=19955922&cmp=DV451308
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 14:24:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80e87b37ebe6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H2 200 9180216086468094454
tpc.googlesyndication.com/simgad/ Frame 4092 296 KB
297 KB 126ms
39ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9180216086468094454

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f84075094722379c5166b269b0cb0663503923b9433c944d31958a92caa1c48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 08:26:54 GMT
x-content-type-options: nosniff
age: 408456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 303601
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 13:44:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Oct 2023 08:26:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4092 0
0 133ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAyIMj7awDrYufrxLxNoSb8WbafAyD8wBdWwY0ZPB5G_P0myajvfxI6xBoO-cAzxGHOI43Jdk2AKXONpkAupTNLbIK6w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 4092 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b0be9a22de354f6038ecc67fa0c41fe46089d3a343d787b5a9f225f0aef9731

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 125ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 01:16:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 01:54:30 GMT

GET
H/1.1 200
OK W1uuu6G6y0WMoZKgmKgSog.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 44 KB
44 KB 796ms
191ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/W1uuu6G6y0WMoZKgmKgSog.medium.png
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 78fa9037e398601d72e3bd5c10f5086df33636072ba89e007c3403149f5f1480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:29 GMT
Last-Modified: Wed, 24 Aug 2022 08:20:35 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Lg/DHxmYgGU6Tbmu0+gKDQ==
ETag: 0x8DA85A985551CB0
Content-Type: application/octet-stream
x-ms-request-id: 8fb516e1-801e-0035-62dd-e851a5000000
x-ms-version: 2009-09-19
Content-Length: 44789

GET
H/1.1 200
OK 56c72754-6e36-4836-adf5-949ae7da2f74.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 20 KB
21 KB 799ms
192ms Image
image/jpeg 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/56c72754-6e36-4836-adf5-949ae7da2f74.medium.JPG
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 131acd182ba974b74aa63c4723fe89fe1498494ca6652a3d86c5b2bd274addc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:30 GMT
Last-Modified: Wed, 11 Sep 2019 02:17:28 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: jYOkciYltOdiXuq10fVn5w==
ETag: 0x8D7365E3176DDF1
Content-Type: image/jpeg
x-ms-request-id: d1b6c282-a01e-000d-46dd-e8f565000000
x-ms-version: 2009-09-19
Content-Length: 20875

GET
H/1.1 200
OK dZQEp_H3nEm4xh_P8zU3KQ.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 20 KB
21 KB 800ms
190ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/dZQEp_H3nEm4xh_P8zU3KQ.medium.jpg
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 821964a0d99050d0b691ce653a50cf71f5261851a94920e8ec2e88b451459f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:30 GMT
Last-Modified: Fri, 08 Apr 2022 05:43:56 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: oB+JFpSkaXY3uTMDH2108g==
ETag: 0x8DA1922C61A1DB9
Content-Type: application/octet-stream
x-ms-request-id: 704dd214-c01e-0079-20dd-e8c195000000
x-ms-version: 2009-09-19
Content-Length: 20717

GET
H/1.1 200
OK afa97b58-f9d1-497c-9387-ba5f12867084.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 77 KB
78 KB 809ms
194ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/afa97b58-f9d1-497c-9387-ba5f12867084.medium.png
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c904883fc3bdccf64367844e4a7d357485cdc98c441fcac5b40b03ee3b05c3fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:29 GMT
Last-Modified: Fri, 18 Oct 2013 00:12:23 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: GqBY2X8XU9+sqymNULpqqA==
ETag: 0x8D099ADDABB6D7A
Content-Type: image/png
x-ms-request-id: 37182f23-e01e-0041-03dd-e86555000000
x-ms-version: 2009-09-19
Content-Length: 79346

GET
H/1.1 200
OK cebf26d5-3304-4409-9ae0-0b3253a0fe7c.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 13 KB
13 KB 810ms
195ms Image
image/jpeg 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/cebf26d5-3304-4409-9ae0-0b3253a0fe7c.medium.JPG
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b92939169856426f79aa6284a7c4fbacfc37beabf9db16fad3c26c927f1e2ca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:30 GMT
Last-Modified: Wed, 16 Feb 2022 18:13:52 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: qxuQTtOEs2aRUM2z5Zf6vg==
ETag: 0x8D9F178167F5998
Content-Type: image/jpeg
x-ms-request-id: 890c351c-f01e-005d-7fdd-e83735000000
x-ms-version: 2009-09-19
Content-Length: 13205

GET
H/1.1 200
OK BgRh_e2iDEmK6ruFtWUo2g.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 14 KB
15 KB 810ms
194ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/BgRh_e2iDEmK6ruFtWUo2g.medium.png
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f37e4e6e6b13556ed18c7cc556a3053f3a9176f26f746757da47a4fd1ea903cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:29 GMT
Last-Modified: Sat, 27 Aug 2022 23:03:55 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: gQScS1P5VibsBpdTR0Kbkg==
ETag: 0x8DA88806A93E74C
Content-Type: application/octet-stream
x-ms-request-id: a218f460-401e-0005-2ddd-e8ef6a000000
x-ms-version: 2009-09-19
Content-Length: 14805

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK pSfnU2vcaEaW7nSVklTxVA.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 25 KB
25 KB 196ms
194ms Image
application/octet-stream 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/pSfnU2vcaEaW7nSVklTxVA.medium.png
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 97cdd25c99fffed33f4405aac265224d8d63bdb11b7879aec6db3a89a2316ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:30 GMT
Last-Modified: Thu, 22 Sep 2022 18:50:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: XXiNw1VKKSwDpF5qYbTx9Q==
ETag: 0x8DA9CCB46192A28
Content-Type: application/octet-stream
x-ms-request-id: a218f4ed-401e-0005-29dd-e8ef6a000000
x-ms-version: 2009-09-19
Content-Length: 25145

GET
H/1.1 200
OK 7a5a6c1c-e229-470c-93ab-6fdb4adf524b.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 47 KB
47 KB 195ms
194ms Image
image/png 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7a5a6c1c-e229-470c-93ab-6fdb4adf524b.medium.png
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4dea6b42ca09febdeb728c377fa90f6adb3f4afa92ef00d7ca6f3bbc095fafc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:30 GMT
Last-Modified: Sun, 11 May 2014 00:21:29 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: l+YfwYQeFGmmcaPjYh5Scg==
ETag: 0x8D13AC616F81D07
Content-Type: image/png
x-ms-request-id: 890c359b-f01e-005d-6add-e83735000000
x-ms-version: 2009-09-19
Content-Length: 47962

GET
H/1.1 200
OK f65d660e-2e5a-4856-9d51-4637e5e94b19.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 6 KB
6 KB 193ms
191ms Image
image/jpeg 20.60.81.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/f65d660e-2e5a-4856-9d51-4637e5e94b19.medium.JPG
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9dcf7695a8fe04a4b1bf2dce9f04b937223c29b809b6a882586ba2d01428d71a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 01:54:30 GMT
Last-Modified: Fri, 06 Nov 2020 17:51:35 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: TMWISrzipBVamqL3CMrMdw==
ETag: 0x8D8827C9A5B5903
Content-Type: image/jpeg
x-ms-request-id: 8fb5174a-801e-0035-41dd-e851a5000000
x-ms-version: 2009-09-19
Content-Length: 6139

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 123ms
46ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wtnzfox43.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 124ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wtnzfox43.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 366ms
366ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1744550744521387&correlator=2457148147722774&eid=31068458%2C44768258%2C31070110%2C44772496&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=43459271%3A22684687957%2Cnat-external%2Ceviesays%2Cfrankly%2Cwtnz&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=6&adks=793708566&sfv=1-0-38&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.wtnzfox43.com&sc=1&cookie=ID%3D5fae8f1195d843e4-22d9b68257ce00ee%3AT%3D1666749269%3AS%3DALNI_MbisMMKC_8SadgtN1h1u0Tlebpsug&gpic=UID%3D00000b78710a78f1%3AT%3D1666749269%3ART%3D1666749269%3AS%3DALNI_MZ9qWVFpCaJEZTOEwPtAxRcbKoeiA&abxe=1&dt=1666749270024&lmt=1666749270&dlt=1666749267764&idt=1716&adxs=1190&adys=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wtnzfox43.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=300&psts=APxP-9AWTL7UeC9AADKaY0MRA_4m-hO4Z3YNetXRuu9QkFg8DXUcTik08NP6l8fejk3cMc4FfhLl22KcB2Nxj6HPC85Q9m1Z304EAw&ga_vid=1805160477.1666749269&ga_sid=1666749270&ga_hid=1395689748&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1dfdf1d75708eb87a6ec32249489c199a6fc2626ce6f32d79a0f61ba40813ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9738
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtnzfox43.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 112ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wtnzfox43.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 111836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:34 GMT

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame 8B31 545 KB
105 KB 41ms
40ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 01:54:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4092 0
0 152ms
76ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssam_DuDB4S-GA8TxyzLEQ-WBvzzwN_pv_nQtTnkuM_W4Ibqa_bZE4pgIGIR_j2jJxJhKuTCp5mBJOhss1At2PhqoCqlRGWpfDbkZ3zyAV3eH3hfWu1MdtIGkr5URL-zZd52Jp2BsyVTb_ppW_v_ZCiJOFSJjqAbvjs9t5oHoC0mOKAOmCTYOsXZYibpbrZHMD8sOozl_cPCzx4KL5k-zepnW-8g7onpUg6VAM4C6vMHMt1FEbxP8sccdLeXQr4r4TAeoIChY24jt3XGr-0PKD39yZjI9eX5VDTYZKko-M61boyRUznBOW4qgm6lNXdVijzZO_le1uMQLH8g1pg64fEVeXrr9tA&sai=AMfl-YRYoX7TGAsrhkhr5cr0uCcesgNOxoDo_RiVlsAX_pyMr66sDYlWklMmZBwNCwlVtS0kQVeI-X5qCl898ok8cdCyX7qZwO1YPUe-vOaIn1FhN4sI9ST5I8IwwSIdYSI7kb5o&sig=Cg0ArKJSzD0in4V4UxVvEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 01:54:30 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 8B31 694 B
704 B 246ms
44ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=104&ttfrms=24&brid=3&brver=106.0.5249.119&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3ETar9EEADTbpTauTauHHH%5DHE%3FK7%40Icb%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=25&ddur=202&uid=1666749270259117&jsCallback=dvCallback_1666749270259620&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.wtnzfox43.com%2F&fwc=0&fcl=461&flt=190&fec=1014&fcifrms=1&brh=2&sdf=2&dvp_epl=160&noc=4&nav_pltfrm=Win32&ctx=19955922&cmp=DV451308&btreg=6084843041138400723574&btadsrv=6084843041138400723574&adsrv=104&unit=728x90&seltag=1&sadv=4780307474&ord=3065070954&litm=6084843041&scrt=138400723574&splc=/43459271/loc-desktop/wtnz/web/homepage&adu=110729671&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=306873543956.001&dvp_tukv=239840911612.2924&dvp_uuid=31590243787.843506&dvp_tuid=1171061259834
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 80bb8d623b7fd73ff06dee085de8a8b4924a3687e42de3e921757c38a24beb70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:30 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/25/2022 01:54:30

GET
H2 200 container.html Show response
bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9BB9 6 KB
4 KB 172ms
44ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtnzfox43.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:30 GMT
expires: Thu, 26 Oct 2023 01:54:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1C56 624 B
838 B 135ms
51ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVjVUwzZoSS_ais2jeBf-Ezug8g4HNKZeGvwVTC34xS3zX-TK764brIuLEgFpiY7-hg4QaSaRkGE9_qExAwa0wOtmVhcPhW3xS4Bau57ILXyV_5NsVSBv54dsIl70v9viJFLqQMV_Dy7nmpfhOSM7k7uMdF3qI85sUBZbNNoaYVERjg-hI

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:30 GMT
expires: Wed, 26 Oct 2022 01:54:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9BB9 83 KB
34 KB 208ms
126ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Any2m6FQp6XfXP5dlbZZ7D2zb4NIkm0kEqi4jQDuZ8RsIYL1JCoTZ7-KiUGUQrZu85OIe_Ymf0Du6HMLDDYoowlqDDUNO-93ilIO3uLRC3t_6ZxZPLji70F_rjeJbDTan9hvkJw1QgcUXRtdruQXVwWCu7imk8KqN8jb8HquuyL2V6hsE&dbm_d=AKAmf-D5rItP1Vuv1s5hbMmogfWvQz6k2jRFWuFldxh453MPXn5MQCAQCHjZbFdJb4jtbGqKTkvbC-_O7OTmOPYsp4q7kjfyADJJVWM2teAuuErUaLqIrvEhdetbAW0PFWgyiJ8biLHKQ5Mex2DUo42JrwudWuDmViPXGD7VkjBJO5Ac-eWSiD2A9cflB9XbjJhqQBVx9bDdLLA1dJ7x_9PfSTAoauVfy00ZaC-fuU9Zvc8VSXYiIfM-sCDRnkR-Wmmgpq6MVbVQjvL4UutszRwItVlG0fPP6TUvNHowbT-_mXyJeKcF7--2XuWVDtqEC8AD2xveJImQyPvhwLvY4hqsnGW6I9pyS4cQSruNjjGfRvUtEyJVIk3X8rYNK7lJCwrvV0VxKkfxhPjrhWgERj_asWaoE5xA28rLuVU8RDirZYYHawHyixZtmn8PmUKtoMyxp1XB9K5G_031syx3Pj65RBUhHHvdJ6R3SeESqGzeUJFb6Sqg4nqidjPf34Nny51UbMUeFhmhUdEhZiaRRUGF3w-36EtdtQAk7MUnj6YVTQU4znB34RdHLbmIDOjnGWXUSsxvhhga1oMBKlrwhoG4vYknNhDTZWffTxN38uxf1We0mchK1Zur9ogn5dUKB-sIzommfc-r8YqmZsvD1-EC5JpOp7NNHmSSGhGRv6eXcutiVptrRHGwEctWVT3GPS8ErGqzCd0-pRcFOheAd-8P2I_EGslmTUZuDa2eDQ4zERuB7Ic9lEIF91Q6gghh5VLcz-qFTyi3rlnux7WKNGIn3C4Nm0jkk2S4s7KSu-ue4xqHJQsRhKzax3_jnrq7dJdMXcKLl5aeBFevxVP6sKjcKKLiUrf9YHMWdZ7zuw2RZvMycpq0Np56KiemQFgSIbjCKuuzyg0OQnl8EeehF8lcJZOzCus7QconGmMrWenER1lmVjMoE5dNPsdLaGqeoBujEvOr-L-ImM6nCKBXmIP76TJCiyNXP_C0CKXLL5tRYKS-Eb5OsdMYr12sxwt5QWA-TW9EE0OF8feF51K2n5bbP6kH6-nTpy1U653OxSues-zwMc0_IBDOJ2sknegcCjS7rj5w0bt6r-pbq1HhIDW0RUUZHnB2is4y_fozn14WMVZ2xJ-gVqxiNeqZmcXD3MKhpQlxjG0XYcxbfPldey7QVUstzAizBqFA1oO8TGLuVmS81A-gHwRMNUQ38d-94OfaoZ1kXBFHuhYHpJhAfHaFdnEPXMfqlowSZUmDEC12wR3RSZ179NEXo5a3vpBeJBn03aXf8xbxBqty22hrRPiLyzLn0Vn3icz1c9M0eLp_VFgLSb0iV6PnnP2MQ2RbximiI7uup_vSpVy9L81I0GqKLNIUWcoSSya46gb3b5NQArwRYi11hHad0rvNASZ7J_q4_DgMU95JM3N_FY9JD4CRilkepXu4tWL8hxuiafQBP7kg7lcuchaqIFdtKwts88TdR5Yu2YEauMZDNifkQBhHqoMzokQkhFMdSi4OT3ysA7K1jCt1T7HjDr68JKQrFiut-ORZjEs7IQF1DzP-hLNt-SL_k2_yszKSzKV1xg8B5MiYk75f9RUjTi7PjQ83SEvltvW4H6XmQkOYdvOAL9oLtnKTPnBof7ZqUjyR_R_D1s-dVCBwo0rzCqSqgQOhpIK90n93MtUCknN-6gcWpbdvKV6xmhfRptu6B7InY7FXbvVXu4gisMEcBLbV1NZCzp0CVzFNbfGtUpX7hWsjYdW8QVoaoUzhH5I-wZyccGnNaa4ZVT1MYxsGAo1vvjWES6YZaaz3ZiVrJ6Ev6NmOVzFiyjI9Dqis__pxZYgFWZK8VhYy0AqKw9KDsX2vEEBwYMgjryokWUTVlpKw0bPo7dY9rHDBS2oY6W09JvjCga_RnZ-Sg4MCdSeQTKNBiZJLAIAAdBtxJFUf39R17xztYDWAme-WXVQ-r1rJ_gcm_w0pxJ5TgiKV-FUK9e9WehgPrA_JBT6zUSVpEz-hGLy7FV2BsEeYsxHz2K39b8IxNAn24xwyhi5mZMUA4LetkrCkBgV2AfdWMRZC9wydXl7HhQN69RA67_SjTEjoxL2IN1_YiUdz6HrdkkWS0bsdZ5Ij-_cSgmxinPZbrknnBa9TNTSr7blQD1NNsZzTM1Gg2SPxjUPXzA9ew4rlxJtvuSvyxKfULhZ322ZAX4kM4g8DXrOjGIOV3ySAB7MydPXrgH5XpfYNPTJKfSQgYQY-f71KaALZHgG8UQLmGIySAzwK9N9jidElmzt4jwAgsTF_fA0iI4IVCgeGv676v855okxBTsjqN8wwqBVWEGZLFCawKyjUeqjGllwS3G2hPmk_lTBEhjCNCTgnzkd3xXdg4qf2nzm3hw3lLz8zxQGElHP7j9lWWUvdzMzfTr0FQp6YCuJt-FXYM5-nuyfimfPcooXH8tnd6EZopcvjMXZI7U-Hy9Frlm5ddGmgSamNrf05M647lrxW6qu1VP2JsOPEa7TD-Os86iEOope89ChqsSnODWtoMsvRjhwtzpzzrCK8R97W95QSN2btrDyAoIPK41pkdwc3B-JEcaCuDVi03YOfq7hOlLe17Fq-oiBwD-clQNivmvAY99hVJpcksDF8JIDVu2ReJDEtq0CrFEnkbpcHWqaeu2CqnLy79gn0htFyhqXxKcGb22OhkSB23kCF0vRJUM_-ICQJ9lQdpUv4SD64NM4YxC1RhIaNQVxIyPYThGIOBpkfNCY5EgwTvTAHWE7G_Nq6JVcWZN4bUfB4YJkx6uMHPGlBDaI_otUi6_LZIERE8FiwdbUwlhm52XAn4rbysz_41vDfVvHFGt9BZJGRc8zVy3zRAg1SDStUv0nL_NkS6rs8VoWA7oIKW5qg27RLY2RteXSF_ewZ6PlFMzZrE7nbB9mzW4MCY8pFC_XCVP7_RutDI2xBrieZCQAfKna6K4a-rPgvLxWUWatU9BBG1Uuu4iSPhg71sqGjbzAmiIYJJ95xGccCezZqs6o2S596gqbQcKoZusksJtVlRlwDxQGmu75xhmFTX49yzEOviBn2Bi4pgiN_aenUgwnGrFPY3qhaeby23WSAJ7H9dzkSCtGABstemBBpjhOCEVbs1oWTbDGzqi1oMQSi8s-EilGy8dXrotuvOZYjCdLrGLMsAonEXotgSqCqYI8JQn-JO-3ClG38htOl_IX65fdTSkV-FIqM1CpOYwcMZTCLjNIqJ7maE6gBWgRuwpfv9sAPr9SyoLo7OnoKW9SWdB0ReurhMhjSmOHXcE2z3ovHI4tiq6MihIGX9b6cWf74IsLXDIfNRovzGZf9jjvTLzRWprbqlo0YUJiOeKtM05DUm2zPIsi0ari9vH4jxg&cid=CAASJORoP6IO0gvQAP6E_jsbPXEPEwx4oUbNmsFwH1xvKJz1pgzfOg&rfl=1%2Chttps%253A%252F%252Fwww.wtnzfox43.com%252F%240

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dae67f95dd7f1b43b4ebafdb182f27d937f6c59f7fe012c946e214d54500069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BB9 42 B
494 B 166ms
73ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChOM8cAGY8Qba4tgyfJb6g2QnrX9ANLLHV6-ZAWGLNGWKYI8x2k4Gg34dZeuT9__J1bHlZnnGc9niRgxebMzRwYBc9_rNEwl8L-GO8AzbgvpOhn9M

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 9BB9 3 KB
1 KB 121ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 9BB9 17 KB
7 KB 116ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9BB9 0
0 128ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSy0fkjza2aPUW7Uo_3S4ZDNTdmu-Z3mGsGDQvEGlMuem8WFZ_HWsINufOLn3yLFHf4KJRng3Hsh82rBer3wEVT1vkdLA
Requested by: Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BB9 152 KB
46 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:30 GMT

GET
H3 200 container.html Show response
bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7965 6 KB
3 KB 114ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtnzfox43.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:30 GMT
expires: Thu, 26 Oct 2023 01:54:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1C56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKywXGI-sWgW8141WbS5DOM&google_cver=1

43 B
766 B

74ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKywXGI-sWgW8141WbS5DOM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVjVUwzZoSS_ais2jeBf-Ezug8g4HNKZeGvwVTC34xS3zX-TK764brIuLEgFpiY7-hg4QaSaRkGE9_qExAwa0wOtmVhcPhW3xS4Bau57ILXyV_5NsVSBv54dsIl70v9viJFLqQMV_Dy7nmpfhOSM7k7uMdF3qI85sUBZbNNoaYVERjg-hI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKywXGI-sWgW8141WbS5DOM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1C56
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1iTVuu.hkMCSZOtllLuVAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKywXGI-sWgW8141WbS5DOM&google_cver=1&google_hm=2

43 B
766 B

39ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKywXGI-sWgW8141WbS5DOM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVjVUwzZoSS_ais2jeBf-Ezug8g4HNKZeGvwVTC34xS3zX-TK764brIuLEgFpiY7-hg4QaSaRkGE9_qExAwa0wOtmVhcPhW3xS4Bau57ILXyV_5NsVSBv54dsIl70v9viJFLqQMV_Dy7nmpfhOSM7k7uMdF3qI85sUBZbNNoaYVERjg-hI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKywXGI-sWgW8141WbS5DOM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1C56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECBvXq8n1YBZdvugXUoC6KU&google_cver=1

43 B
1014 B

46ms
38ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECBvXq8n1YBZdvugXUoC6KU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj5oqp5MAE&v=APEucNVjVUwzZoSS_ais2jeBf-Ezug8g4HNKZeGvwVTC34xS3zX-TK764brIuLEgFpiY7-hg4QaSaRkGE9_qExAwa0wOtmVhcPhW3xS4Bau57ILXyV_5NsVSBv54dsIl70v9viJFLqQMV_Dy7nmpfhOSM7k7uMdF3qI85sUBZbNNoaYVERjg-hI

Protocol

HTTP/1.1

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:30 GMT
AN-X-Request-Uuid: 12207069-4190-4c91-8c5a-04e9cbcfdcf5
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECBvXq8n1YBZdvugXUoC6KU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C56
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEyMDA3NTI2NjI4NDc3ODI4NA%3D%3D

170 B
188 B

130ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEyMDA3NTI2NjI4NDc3ODI4NA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:30 GMT
AN-X-Request-Uuid: b61794c9-acdb-4905-af1f-66787b95f77d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEyMDA3NTI2NjI4NDc3ODI4NA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F5B3 640 B
316 B 131ms
50ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COsBEML8nAEYjKqv1gEwAQ&v=APEucNU4Eimn3eXcXaaPuEY-S-mDyxbhMg29YdAp7Eo7YI6PJBAxblhzVsjVoWWu3CBX-iAVy3Q-63szUqEUSmrQF8zwrCp-0vIXxmT6kOb_ROspGlQtZ2qxQIb0Yz7dcHqHI9OtbzId-VXiTLtGMG0YNCcBkWkg5r94UG2I2wT3PL7vpIb5ZKQ

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7965 28 KB
17 KB 154ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Be23cuJfMi7Ey0cmkJa-dlFdOCS28LfQdjjtGqtIsfRPcgAmBnZL-W9ICeO3kFJLmXPdgZ25uMuy0BKBPwRjLLtLQMgrVn8zVz6NYottbF0g-0zm5BuTyLrdAeBs2LpA3INgEP-rU1n5Ouhiu2SG21fgcGeMcG_yDs5cb0eLNhx-u8EtM&cry=1&dbm_d=AKAmf-DD33ZPxOkk0dti2QVnXyytgz-xTiJ705x1nHbnU2K9rXtg0oUx00gi8yBEa_x9oe1nwZ2kaTJyywP1SonIJsVl3kwitHT9efb1E7SdNo3VW_PBIDlkbPuJJxv8JL8P5317WHEHurmp0zSDf0jXSbYRQZqmwwSN9ktpZgwfrqcEfJW8TtyPOCmvj-4FgVZjtUJ-nYk4SkEoZNFCr7Ym-k3Xzn8T-mo5G0vAR9DCr8x4bt6xFARA5zfLUrSUa7kFc43Oi5-pb_YB99DLIBrLx-OE5nnnlIdJqQezawq6e0R_nmkaBAp9KtO1lBZOOB28VFkjIa0VaA61E2hJSLbFEnWU957oRWN20nQNmm67Iu37DJnOBUb5LhojDGfo9ByMl3f5hEzg2LNALMoG_zH0f30aR34_mXgm6dKF2FHVlplSudkOKgYDwoBQaFALret-4WoFav94TJOoQnA_gvV4Hs7VDlKiPc3MuZTs4g4zBFKo4jj0XtRKoRv7VKhw_yAG2s5p0BGm5gFw20o7ilCjB86-p1If3T5NHOEOaEJl6mwL0Eplgaon9jBcN-FSw4ZPcP25D4efI8aJWHekAXPEa6P8EdNN6eq6JT_5_XIakBNvUWCFSIkqNNuHxLTQUTIkiXfKM1DVsArFQ11Q8m8LJgBn3yyXilkm8j5lC3ojcBhcBmnmZO8Q8D5U25zZXlCJjp46ofop_GYyU-k0OU7GKEmH8ezuqM1QsN-6RV9DF1lptlQlGS6DpH62xK6vkAmX_BeuPXaR4r8SF1-e4sO8SFdvC5MAlfVTw5qBp4REQ4osknEh72k8HwGeB-Dagy8ILEbr_nxmelIzshEYINiPl_ck21pqDwq9GuzfIw3XuTVM90CffVAblD7Z4ecJuE_bYq24sX79PQAD_BmyCaaa0LnlZK9ZCWA7e0VonUJuJIVldOOTYko1vUXXMUZEna2GfvwtHdZZvcQmIZ-INkyFmUGXOp-fbZYlXZJoDVxoFao-0pSp7yBM8q_WY3O2mDg-cPlUmr31SGAOLZ4mIuqSVRS4sHcYpJPBH9atZkOpso2j1ajRjrqonQLmve_yZMGRpj23gwucfz3kCWyxn1X6GeD60VVOhrs26qNnWdTO2FzMCYA2uNxkGvKGwUBisGJZMGVridW1095002EPFGZElZrFRSOhu7l0betX_bCtaLcdAYf2jDnPvG7q5CrkJuCMUyvq4wWNCE1LKOTDgnzf2zOu4UVVeJJLxIymHduO9THCrI6ccVM63M80iouuJtId6bFZyRbGPQtX8L8DSfZ3zEjj67Lg9e6Q9X48JyqxLmQwXHWWSeHj7Z6G4LOYwsaXtMJFR4UKpGbOVn_1k1v6N0su439wTZ4Eb4maC-izQyVjI6mKw4RTDOlCeaQIQ4IFHx1EykgGs9yZniCF0zpckoyXAcFWUQnLCXWQ7V5xApfRCMkZdkUaM4FNVH4omayTLtz5FLFTiIgzcVXa4MYuF7k8DpPa7fOUdS_EXXzEYHpBRJlqFcxCt3bYeZHE_8maMgQnbZABcfmSlxOnGiYe8ys_uot_3guOAOosXJrYznpORl-EBfxU0eCU5O4j3yxmLz2DJiC_QFkp2btYVihEQimGmvYYkcKXS68fmBz2DXsC-lYnT_dj557xe6o-G7a2L9oidUq1c3G-xPcIsEpPyW0OAJzx8T2-oAyOJtJe5VbTBivB_r9O6bY-P922Z-wmEaxcth0H3ear0wLkySxxhwoDDGUrdtUZEoqdVuX1RRaPzwbeEziUjcLXCTLm2j_UZDFcVEBamIFh8JsGhKjK788PLFB3EJeA7YGzcorUsQpbvOnePJEV76BQa7a4eV5ztpCeBsWeHSZabb_ghq_xz83X7mX2IOEsy3bbVpElqQXVZJC92RbAqpb2QLZwsimhi4W_eqw9tkR9TyHI_hnZCrIvlk7XC0F309Wt14vKSJK-JrxDIyOOxv-8Sx2dPDZ5gh7puchb1MNhlnyg9feyfkdY6evr86-GFiiTfU-xjarZK0zm3Yg326jhZukzVKNJjYRwvWxRKza_SHcHtamKJf7N3uYmnFF6z0we6uFnXE7RPxRuZCegjXUPmFcZt7CKjwwXsi6k8X-Yxggr_FYvyeBhelh3TmARcAT41OJtgcn8ujRSj05U1T1vZ1DG7QMTrq7skGztv8pWxg04VJ9GgQo5vudULiO4vujzVMkebV_0YF6Jeut2KdjQCl7MbEW5hZGIEhkcRpIkdl-ltYZYdT2vccoGQ5c0fjeTCVSfeYOk7d5HBliJv0L6IG7Z7TYbvBvB9EBxI1_Is9UTj2UEP20z25PDIc9iJofzd7COxeHBHNO-wrStcZLAIaQmaY4DVbtuI4LhHLSjQ06pGFPS4hQ0bgNXXCaxAtYgY84mez_zdaypZn_D0w4Zh4IjawCshNjAo1TUqbiPPTwtGA3OPugekJ8wEMFBMZVACPgWr5ZgPjOlkpbK_R9RZH9OKZWbMGGcFw9EXzTRqhYoNYerWMHHmsSfdnK6v8zPmlf1xEDf8WSyTgwuFt3aTaH8Set59tg9KBDxXASBBpetHVMUGlAQBRkhyA5dOmvnTLjzyMCIxAXcmxPcFF2rQxNar4s50EaQtGEYGGi_DgGVwGKYA2yoec25x-_gR1ToHWURQJ32zoKeDrijstxXvYbeUiU0ZZp-QCcw35PT7TeSdu3ObpPXQ3ZsUFDtAqUv0MqACNdsUu9Ytn0ojpeAwe4JpHlid6fT-EA4o2_Rwg8P3CK6cTjgX1F2AeopbvjDwQtr2I3jHPgYMbvl-Gvv0BCWl00-S_SMcVrNo1yqJNyuNxKTU5x60Yvjv66gRpL0NSIE2PQ6jKH19iIoEFwX9u5pLoWdwOP3Cu7b2-9C7BVlgdhzJyVltpIER_1fZBQApqM0wSpxR4f7N1HHgKTnp6AD6W-KGqnymjQR8_o7giWRAMR43x-SbBbMJ69MwyZu2WAKkXs7eHeAS3TmlmewZ1tSZ2FhjUjl1UPia4j3vA_aq6WohSLQjxqFXIjR4mQpAgRwLq5lAYJ4QeRb1SebUIsxrKNLcxoNj9GYQdapdFvRSd9q1YtbW3cPvzLqIfX43jkd75ay9kSpivOz8uS1fW4HDbt3GYMUdA3ddLLD8f_EPuCIu3IK0wZPo3IWI41G99_onzjV0yFRkdtokC7AUyBdLjuBO9D9ozT3RWePZLVP9qJKCezob6bbly5US-ecPQPx6455sO4IemmNHsocejkvpvhtI2RKLicxH7CatKK0l-eTIqKsbz4a9oyf0CgewQkamyLFD2cLT2-O5nmt4tkTlPLTHKEmgKE02cWtVOuOEUowYL3ZqbRdiv2V84jsHewSi2B3X3asNrw&cid=CAASJ-RoF-q3ecYvYYNAZqfQtznlTWrv1iSxg5adfJeXWGrZmAANF2X9Ew&rfl=1%2Chttps%253A%252F%252Fwww.wtnzfox43.com%252F%240

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fd92c1c1805add3f2e4b63143249fc816ee8085c465eb984141acf13cc60c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16923
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7965 42 B
63 B 151ms
71ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-As8BBoLNKGCM7UKWtSguJIguUnmAroZAvIDrnEjIn9xlIQXzOt2VobYH3Dhq3TxETaikvrrp2S567u5VPeEiEh39ucmUHNjPFj1ZtSWTxFHgkwoi4

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 7965 28 KB
11 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10831
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 13:41:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 26 Oct 2022 02:34:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7965 3 KB
1 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7965 17 KB
7 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7965 0
0 50ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1HhPzh7_d81KZbJJ5MRFgi1OpzRA9nak3sddshIiPJdtdaSE8CuJ85pJumVzFk8E-VXyOFnPHrXZHvywOU-2lnc1rOw
Requested by: Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7965 152 KB
46 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:30 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9BB9 170 KB
59 KB 126ms
37ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
Origin: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 9BB9 8 KB
3 KB 94ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Any2m6FQp6XfXP5dlbZZ7D2zb4NIkm0kEqi4jQDuZ8RsIYL1JCoTZ7-KiUGUQrZu85OIe_Ymf0Du6HMLDDYoowlqDDUNO-93ilIO3uLRC3t_6ZxZPLji70F_rjeJbDTan9hvkJw1QgcUXRtdruQXVwWCu7imk8KqN8jb8HquuyL2V6hsE&dbm_d=AKAmf-D5rItP1Vuv1s5hbMmogfWvQz6k2jRFWuFldxh453MPXn5MQCAQCHjZbFdJb4jtbGqKTkvbC-_O7OTmOPYsp4q7kjfyADJJVWM2teAuuErUaLqIrvEhdetbAW0PFWgyiJ8biLHKQ5Mex2DUo42JrwudWuDmViPXGD7VkjBJO5Ac-eWSiD2A9cflB9XbjJhqQBVx9bDdLLA1dJ7x_9PfSTAoauVfy00ZaC-fuU9Zvc8VSXYiIfM-sCDRnkR-Wmmgpq6MVbVQjvL4UutszRwItVlG0fPP6TUvNHowbT-_mXyJeKcF7--2XuWVDtqEC8AD2xveJImQyPvhwLvY4hqsnGW6I9pyS4cQSruNjjGfRvUtEyJVIk3X8rYNK7lJCwrvV0VxKkfxhPjrhWgERj_asWaoE5xA28rLuVU8RDirZYYHawHyixZtmn8PmUKtoMyxp1XB9K5G_031syx3Pj65RBUhHHvdJ6R3SeESqGzeUJFb6Sqg4nqidjPf34Nny51UbMUeFhmhUdEhZiaRRUGF3w-36EtdtQAk7MUnj6YVTQU4znB34RdHLbmIDOjnGWXUSsxvhhga1oMBKlrwhoG4vYknNhDTZWffTxN38uxf1We0mchK1Zur9ogn5dUKB-sIzommfc-r8YqmZsvD1-EC5JpOp7NNHmSSGhGRv6eXcutiVptrRHGwEctWVT3GPS8ErGqzCd0-pRcFOheAd-8P2I_EGslmTUZuDa2eDQ4zERuB7Ic9lEIF91Q6gghh5VLcz-qFTyi3rlnux7WKNGIn3C4Nm0jkk2S4s7KSu-ue4xqHJQsRhKzax3_jnrq7dJdMXcKLl5aeBFevxVP6sKjcKKLiUrf9YHMWdZ7zuw2RZvMycpq0Np56KiemQFgSIbjCKuuzyg0OQnl8EeehF8lcJZOzCus7QconGmMrWenER1lmVjMoE5dNPsdLaGqeoBujEvOr-L-ImM6nCKBXmIP76TJCiyNXP_C0CKXLL5tRYKS-Eb5OsdMYr12sxwt5QWA-TW9EE0OF8feF51K2n5bbP6kH6-nTpy1U653OxSues-zwMc0_IBDOJ2sknegcCjS7rj5w0bt6r-pbq1HhIDW0RUUZHnB2is4y_fozn14WMVZ2xJ-gVqxiNeqZmcXD3MKhpQlxjG0XYcxbfPldey7QVUstzAizBqFA1oO8TGLuVmS81A-gHwRMNUQ38d-94OfaoZ1kXBFHuhYHpJhAfHaFdnEPXMfqlowSZUmDEC12wR3RSZ179NEXo5a3vpBeJBn03aXf8xbxBqty22hrRPiLyzLn0Vn3icz1c9M0eLp_VFgLSb0iV6PnnP2MQ2RbximiI7uup_vSpVy9L81I0GqKLNIUWcoSSya46gb3b5NQArwRYi11hHad0rvNASZ7J_q4_DgMU95JM3N_FY9JD4CRilkepXu4tWL8hxuiafQBP7kg7lcuchaqIFdtKwts88TdR5Yu2YEauMZDNifkQBhHqoMzokQkhFMdSi4OT3ysA7K1jCt1T7HjDr68JKQrFiut-ORZjEs7IQF1DzP-hLNt-SL_k2_yszKSzKV1xg8B5MiYk75f9RUjTi7PjQ83SEvltvW4H6XmQkOYdvOAL9oLtnKTPnBof7ZqUjyR_R_D1s-dVCBwo0rzCqSqgQOhpIK90n93MtUCknN-6gcWpbdvKV6xmhfRptu6B7InY7FXbvVXu4gisMEcBLbV1NZCzp0CVzFNbfGtUpX7hWsjYdW8QVoaoUzhH5I-wZyccGnNaa4ZVT1MYxsGAo1vvjWES6YZaaz3ZiVrJ6Ev6NmOVzFiyjI9Dqis__pxZYgFWZK8VhYy0AqKw9KDsX2vEEBwYMgjryokWUTVlpKw0bPo7dY9rHDBS2oY6W09JvjCga_RnZ-Sg4MCdSeQTKNBiZJLAIAAdBtxJFUf39R17xztYDWAme-WXVQ-r1rJ_gcm_w0pxJ5TgiKV-FUK9e9WehgPrA_JBT6zUSVpEz-hGLy7FV2BsEeYsxHz2K39b8IxNAn24xwyhi5mZMUA4LetkrCkBgV2AfdWMRZC9wydXl7HhQN69RA67_SjTEjoxL2IN1_YiUdz6HrdkkWS0bsdZ5Ij-_cSgmxinPZbrknnBa9TNTSr7blQD1NNsZzTM1Gg2SPxjUPXzA9ew4rlxJtvuSvyxKfULhZ322ZAX4kM4g8DXrOjGIOV3ySAB7MydPXrgH5XpfYNPTJKfSQgYQY-f71KaALZHgG8UQLmGIySAzwK9N9jidElmzt4jwAgsTF_fA0iI4IVCgeGv676v855okxBTsjqN8wwqBVWEGZLFCawKyjUeqjGllwS3G2hPmk_lTBEhjCNCTgnzkd3xXdg4qf2nzm3hw3lLz8zxQGElHP7j9lWWUvdzMzfTr0FQp6YCuJt-FXYM5-nuyfimfPcooXH8tnd6EZopcvjMXZI7U-Hy9Frlm5ddGmgSamNrf05M647lrxW6qu1VP2JsOPEa7TD-Os86iEOope89ChqsSnODWtoMsvRjhwtzpzzrCK8R97W95QSN2btrDyAoIPK41pkdwc3B-JEcaCuDVi03YOfq7hOlLe17Fq-oiBwD-clQNivmvAY99hVJpcksDF8JIDVu2ReJDEtq0CrFEnkbpcHWqaeu2CqnLy79gn0htFyhqXxKcGb22OhkSB23kCF0vRJUM_-ICQJ9lQdpUv4SD64NM4YxC1RhIaNQVxIyPYThGIOBpkfNCY5EgwTvTAHWE7G_Nq6JVcWZN4bUfB4YJkx6uMHPGlBDaI_otUi6_LZIERE8FiwdbUwlhm52XAn4rbysz_41vDfVvHFGt9BZJGRc8zVy3zRAg1SDStUv0nL_NkS6rs8VoWA7oIKW5qg27RLY2RteXSF_ewZ6PlFMzZrE7nbB9mzW4MCY8pFC_XCVP7_RutDI2xBrieZCQAfKna6K4a-rPgvLxWUWatU9BBG1Uuu4iSPhg71sqGjbzAmiIYJJ95xGccCezZqs6o2S596gqbQcKoZusksJtVlRlwDxQGmu75xhmFTX49yzEOviBn2Bi4pgiN_aenUgwnGrFPY3qhaeby23WSAJ7H9dzkSCtGABstemBBpjhOCEVbs1oWTbDGzqi1oMQSi8s-EilGy8dXrotuvOZYjCdLrGLMsAonEXotgSqCqYI8JQn-JO-3ClG38htOl_IX65fdTSkV-FIqM1CpOYwcMZTCLjNIqJ7maE6gBWgRuwpfv9sAPr9SyoLo7OnoKW9SWdB0ReurhMhjSmOHXcE2z3ovHI4tiq6MihIGX9b6cWf74IsLXDIfNRovzGZf9jjvTLzRWprbqlo0YUJiOeKtM05DUm2zPIsi0ari9vH4jxg&cid=CAASJORoP6IO0gvQAP6E_jsbPXEPEwx4oUbNmsFwH1xvKJz1pgzfOg&rfl=1%2Chttps%253A%252F%252Fwww.wtnzfox43.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:20:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 9BB9 30 KB
11 KB 79ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9BB9 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 709A 1 KB
643 B 37ms
37ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 11:22:46 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 11:22:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9BB9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 899d35504523d3da482963a26a700f380cf32fdca4e5d0aaffc2ac8688c726cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F5B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSY2vw4vAYHpgwCCjWV-28&google_cver=1

43 B
114 B

61ms
46ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSY2vw4vAYHpgwCCjWV-28&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COsBEML8nAEYjKqv1gEwAQ&v=APEucNU4Eimn3eXcXaaPuEY-S-mDyxbhMg29YdAp7Eo7YI6PJBAxblhzVsjVoWWu3CBX-iAVy3Q-63szUqEUSmrQF8zwrCp-0vIXxmT6kOb_ROspGlQtZ2qxQIb0Yz7dcHqHI9OtbzId-VXiTLtGMG0YNCcBkWkg5r94UG2I2wT3PL7vpIb5ZKQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSY2vw4vAYHpgwCCjWV-28&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F5B3 43 B
304 B 130ms
46ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COsBEML8nAEYjKqv1gEwAQ&v=APEucNU4Eimn3eXcXaaPuEY-S-mDyxbhMg29YdAp7Eo7YI6PJBAxblhzVsjVoWWu3CBX-iAVy3Q-63szUqEUSmrQF8zwrCp-0vIXxmT6kOb_ROspGlQtZ2qxQIb0Yz7dcHqHI9OtbzId-VXiTLtGMG0YNCcBkWkg5r94UG2I2wT3PL7vpIb5ZKQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F5B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJ1JbjK-7a5PJbZ66bYj-W4&google_cver=1

23 B
172 B

139ms
73ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJ1JbjK-7a5PJbZ66bYj-W4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COsBEML8nAEYjKqv1gEwAQ&v=APEucNU4Eimn3eXcXaaPuEY-S-mDyxbhMg29YdAp7Eo7YI6PJBAxblhzVsjVoWWu3CBX-iAVy3Q-63szUqEUSmrQF8zwrCp-0vIXxmT6kOb_ROspGlQtZ2qxQIb0Yz7dcHqHI9OtbzId-VXiTLtGMG0YNCcBkWkg5r94UG2I2wT3PL7vpIb5ZKQ
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 01:54:31 GMT
pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEJ1JbjK-7a5PJbZ66bYj-W4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F5B3 23 B
172 B 210ms
80ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COsBEML8nAEYjKqv1gEwAQ&v=APEucNU4Eimn3eXcXaaPuEY-S-mDyxbhMg29YdAp7Eo7YI6PJBAxblhzVsjVoWWu3CBX-iAVy3Q-63szUqEUSmrQF8zwrCp-0vIXxmT6kOb_ROspGlQtZ2qxQIb0Yz7dcHqHI9OtbzId-VXiTLtGMG0YNCcBkWkg5r94UG2I2wT3PL7vpIb5ZKQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 01:54:31 GMT
pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 7965 30 KB
11 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Be23cuJfMi7Ey0cmkJa-dlFdOCS28LfQdjjtGqtIsfRPcgAmBnZL-W9ICeO3kFJLmXPdgZ25uMuy0BKBPwRjLLtLQMgrVn8zVz6NYottbF0g-0zm5BuTyLrdAeBs2LpA3INgEP-rU1n5Ouhiu2SG21fgcGeMcG_yDs5cb0eLNhx-u8EtM&cry=1&dbm_d=AKAmf-DD33ZPxOkk0dti2QVnXyytgz-xTiJ705x1nHbnU2K9rXtg0oUx00gi8yBEa_x9oe1nwZ2kaTJyywP1SonIJsVl3kwitHT9efb1E7SdNo3VW_PBIDlkbPuJJxv8JL8P5317WHEHurmp0zSDf0jXSbYRQZqmwwSN9ktpZgwfrqcEfJW8TtyPOCmvj-4FgVZjtUJ-nYk4SkEoZNFCr7Ym-k3Xzn8T-mo5G0vAR9DCr8x4bt6xFARA5zfLUrSUa7kFc43Oi5-pb_YB99DLIBrLx-OE5nnnlIdJqQezawq6e0R_nmkaBAp9KtO1lBZOOB28VFkjIa0VaA61E2hJSLbFEnWU957oRWN20nQNmm67Iu37DJnOBUb5LhojDGfo9ByMl3f5hEzg2LNALMoG_zH0f30aR34_mXgm6dKF2FHVlplSudkOKgYDwoBQaFALret-4WoFav94TJOoQnA_gvV4Hs7VDlKiPc3MuZTs4g4zBFKo4jj0XtRKoRv7VKhw_yAG2s5p0BGm5gFw20o7ilCjB86-p1If3T5NHOEOaEJl6mwL0Eplgaon9jBcN-FSw4ZPcP25D4efI8aJWHekAXPEa6P8EdNN6eq6JT_5_XIakBNvUWCFSIkqNNuHxLTQUTIkiXfKM1DVsArFQ11Q8m8LJgBn3yyXilkm8j5lC3ojcBhcBmnmZO8Q8D5U25zZXlCJjp46ofop_GYyU-k0OU7GKEmH8ezuqM1QsN-6RV9DF1lptlQlGS6DpH62xK6vkAmX_BeuPXaR4r8SF1-e4sO8SFdvC5MAlfVTw5qBp4REQ4osknEh72k8HwGeB-Dagy8ILEbr_nxmelIzshEYINiPl_ck21pqDwq9GuzfIw3XuTVM90CffVAblD7Z4ecJuE_bYq24sX79PQAD_BmyCaaa0LnlZK9ZCWA7e0VonUJuJIVldOOTYko1vUXXMUZEna2GfvwtHdZZvcQmIZ-INkyFmUGXOp-fbZYlXZJoDVxoFao-0pSp7yBM8q_WY3O2mDg-cPlUmr31SGAOLZ4mIuqSVRS4sHcYpJPBH9atZkOpso2j1ajRjrqonQLmve_yZMGRpj23gwucfz3kCWyxn1X6GeD60VVOhrs26qNnWdTO2FzMCYA2uNxkGvKGwUBisGJZMGVridW1095002EPFGZElZrFRSOhu7l0betX_bCtaLcdAYf2jDnPvG7q5CrkJuCMUyvq4wWNCE1LKOTDgnzf2zOu4UVVeJJLxIymHduO9THCrI6ccVM63M80iouuJtId6bFZyRbGPQtX8L8DSfZ3zEjj67Lg9e6Q9X48JyqxLmQwXHWWSeHj7Z6G4LOYwsaXtMJFR4UKpGbOVn_1k1v6N0su439wTZ4Eb4maC-izQyVjI6mKw4RTDOlCeaQIQ4IFHx1EykgGs9yZniCF0zpckoyXAcFWUQnLCXWQ7V5xApfRCMkZdkUaM4FNVH4omayTLtz5FLFTiIgzcVXa4MYuF7k8DpPa7fOUdS_EXXzEYHpBRJlqFcxCt3bYeZHE_8maMgQnbZABcfmSlxOnGiYe8ys_uot_3guOAOosXJrYznpORl-EBfxU0eCU5O4j3yxmLz2DJiC_QFkp2btYVihEQimGmvYYkcKXS68fmBz2DXsC-lYnT_dj557xe6o-G7a2L9oidUq1c3G-xPcIsEpPyW0OAJzx8T2-oAyOJtJe5VbTBivB_r9O6bY-P922Z-wmEaxcth0H3ear0wLkySxxhwoDDGUrdtUZEoqdVuX1RRaPzwbeEziUjcLXCTLm2j_UZDFcVEBamIFh8JsGhKjK788PLFB3EJeA7YGzcorUsQpbvOnePJEV76BQa7a4eV5ztpCeBsWeHSZabb_ghq_xz83X7mX2IOEsy3bbVpElqQXVZJC92RbAqpb2QLZwsimhi4W_eqw9tkR9TyHI_hnZCrIvlk7XC0F309Wt14vKSJK-JrxDIyOOxv-8Sx2dPDZ5gh7puchb1MNhlnyg9feyfkdY6evr86-GFiiTfU-xjarZK0zm3Yg326jhZukzVKNJjYRwvWxRKza_SHcHtamKJf7N3uYmnFF6z0we6uFnXE7RPxRuZCegjXUPmFcZt7CKjwwXsi6k8X-Yxggr_FYvyeBhelh3TmARcAT41OJtgcn8ujRSj05U1T1vZ1DG7QMTrq7skGztv8pWxg04VJ9GgQo5vudULiO4vujzVMkebV_0YF6Jeut2KdjQCl7MbEW5hZGIEhkcRpIkdl-ltYZYdT2vccoGQ5c0fjeTCVSfeYOk7d5HBliJv0L6IG7Z7TYbvBvB9EBxI1_Is9UTj2UEP20z25PDIc9iJofzd7COxeHBHNO-wrStcZLAIaQmaY4DVbtuI4LhHLSjQ06pGFPS4hQ0bgNXXCaxAtYgY84mez_zdaypZn_D0w4Zh4IjawCshNjAo1TUqbiPPTwtGA3OPugekJ8wEMFBMZVACPgWr5ZgPjOlkpbK_R9RZH9OKZWbMGGcFw9EXzTRqhYoNYerWMHHmsSfdnK6v8zPmlf1xEDf8WSyTgwuFt3aTaH8Set59tg9KBDxXASBBpetHVMUGlAQBRkhyA5dOmvnTLjzyMCIxAXcmxPcFF2rQxNar4s50EaQtGEYGGi_DgGVwGKYA2yoec25x-_gR1ToHWURQJ32zoKeDrijstxXvYbeUiU0ZZp-QCcw35PT7TeSdu3ObpPXQ3ZsUFDtAqUv0MqACNdsUu9Ytn0ojpeAwe4JpHlid6fT-EA4o2_Rwg8P3CK6cTjgX1F2AeopbvjDwQtr2I3jHPgYMbvl-Gvv0BCWl00-S_SMcVrNo1yqJNyuNxKTU5x60Yvjv66gRpL0NSIE2PQ6jKH19iIoEFwX9u5pLoWdwOP3Cu7b2-9C7BVlgdhzJyVltpIER_1fZBQApqM0wSpxR4f7N1HHgKTnp6AD6W-KGqnymjQR8_o7giWRAMR43x-SbBbMJ69MwyZu2WAKkXs7eHeAS3TmlmewZ1tSZ2FhjUjl1UPia4j3vA_aq6WohSLQjxqFXIjR4mQpAgRwLq5lAYJ4QeRb1SebUIsxrKNLcxoNj9GYQdapdFvRSd9q1YtbW3cPvzLqIfX43jkd75ay9kSpivOz8uS1fW4HDbt3GYMUdA3ddLLD8f_EPuCIu3IK0wZPo3IWI41G99_onzjV0yFRkdtokC7AUyBdLjuBO9D9ozT3RWePZLVP9qJKCezob6bbly5US-ecPQPx6455sO4IemmNHsocejkvpvhtI2RKLicxH7CatKK0l-eTIqKsbz4a9oyf0CgewQkamyLFD2cLT2-O5nmt4tkTlPLTHKEmgKE02cWtVOuOEUowYL3ZqbRdiv2V84jsHewSi2B3X3asNrw&cid=CAASJ-RoF-q3ecYvYYNAZqfQtznlTWrv1iSxg5adfJeXWGrZmAANF2X9Ew&rfl=1%2Chttps%253A%252F%252Fwww.wtnzfox43.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7965 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8130 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 709A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIB_82jJcRMyyQkgHgnNK2s&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIB_82jJcRMyyQkgHgnNK2s&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dnR0UFN0VzYxT052Q0w1&google_gid=CAESEIB_82jJcRMyyQkgHgnNK2s&google_cver=1&google_push=AZmPxg9xGw-MzqUPlKlJUMtt2QJZG-tguHrXlJc-6dppTIO...

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dnR0UFN0VzYxT052Q0w1&google_gid=CAESEIB_82jJcRMyyQkgHgnNK2s&google_cver=1&google_push=AZmPxg9xGw-MzqUPlKlJUMtt2QJZG-tguHrXlJc-6dppTIO4pMw8kRk2kBjDYPBOsEzHTSdCNcaBeerS8n2YBASaHyShu_pj9A

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0eed724e77eae7a40@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dnR0UFN0VzYxT052Q0w1&google_gid=CAESEIB_82jJcRMyyQkgHgnNK2s&google_cver=1&google_push=AZmPxg9xGw-MzqUPlKlJUMtt2QJZG-tguHrXlJc-6dppTIO4pMw8kRk2kBjDYPBOsEzHTSdCNcaBeerS8n2YBASaHyShu_pj9A
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 709A 0
191 B 154ms
47ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGt1odLlrJ70BIRbWf5ofvo&google_cver=1&google_push=AZmPxg-94YLMh1mr-l_N5XSrCe_5ojSSHFlcE5XD4Dny0-DwBounuIsRj-vVq6H6PRC4k-BAJ6F0jw0JXoHb3vHQE1jErglyXbE
Requested by: Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 26 Oct 2022 01:54:30 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 709A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOe3OgNdNOtJSDNDHeH6o2k&google_cver=1&google_push=AZmPxg_iB0johpW5bXCJFnVkYm5DwpZvuUYjTsFm7Lvbcui9I2W93FxpP1hq3KmR07Ytfjvxa4gjgGV4NpVVrDOFECZO...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOe3OgNdNOtJSDNDHeH6o2k&google_cver=1&google_push=AZmPxg_iB0johpW5bXCJFnVkYm5DwpZvuUYjTsFm7Lvbcui9I2W93FxpP1hq3KmR07Ytfjvxa4gjgGV4NpVVrD...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
https://x.bidswitch.net/sync?dsp_id=119&user_id=5123196423682171009&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_iB0johpW5bXCJFnVkYm5DwpZvuUYjTsFm7Lvbcui9I2W93FxpP1hq3KmR07Ytfjvxa4gjgGV4NpVVrDOFECZOkTkkiw8&google_hm=xUIJ6JfBT9uk7w_imqIAYA==

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_iB0johpW5bXCJFnVkYm5DwpZvuUYjTsFm7Lvbcui9I2W93FxpP1hq3KmR07Ytfjvxa4gjgGV4NpVVrDOFECZOkTkkiw8&google_hm=xUIJ6JfBT9uk7w_imqIAYA==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_iB0johpW5bXCJFnVkYm5DwpZvuUYjTsFm7Lvbcui9I2W93FxpP1hq3KmR07Ytfjvxa4gjgGV4NpVVrDOFECZOkTkkiw8&google_hm=xUIJ6JfBT9uk7w_imqIAYA==
Date: Wed, 26 Oct 2022 01:54:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 709A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEETFZJ4_WjZixjmNgRwhRds&google_cver=1&google_push=AZmPxg8Qlx12h2G0foaTDemJXyFl5q8nlSR2c9B0CPbg68FPUUULhKhCW9UojpvQlETBLtXXaCLJjjmS...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEETFZJ4_WjZixjmNgRwhRds&google_cver=1&google_push=AZmPxg8Qlx12h2G0foaTDemJXyFl5q8nlSR2c9B0CPbg68FPUUULhKhCW9UojpvQlETBLtXXaCL...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYxODE0NjE4NDQ1NTAxNDM0Mw&google_push=AZmPxg8Qlx12h2G0foaTDemJXyFl5q8nlSR2c9B0CPbg68FPUUULhKhCW9UojpvQlETBLtXXaCLJjj...

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYxODE0NjE4NDQ1NTAxNDM0Mw&google_push=AZmPxg8Qlx12h2G0foaTDemJXyFl5q8nlSR2c9B0CPbg68FPUUULhKhCW9UojpvQlETBLtXXaCLJjjmSaOIosRUcbxYVfe0Zbvg

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYxODE0NjE4NDQ1NTAxNDM0Mw&google_push=AZmPxg8Qlx12h2G0foaTDemJXyFl5q8nlSR2c9B0CPbg68FPUUULhKhCW9UojpvQlETBLtXXaCLJjjmSaOIosRUcbxYVfe0Zbvg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 709A 43 B
350 B 165ms
45ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDK1eATVQzGKcTLFYD0Yr8M&google_cver=1&google_push=AZmPxg8iD8UWdLhhOJ2iqzLXLwdvjDFrorYPorqfsT2TiZ5eZSTf4_qCnVJECBMhKWBc1-Nez3BdQpaS1G9dOgrjHX92i5JKThk
Requested by: Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: t4qqe7gm9hi0osfrdr1c4dd9go3gge98

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 709A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBRBqtATHJEEox6z36Og86s&google_cver=1&google_push=AZmPxg_7x63cvLiHmxFRCyVA7gO7J_v6Hik4bnwkH2hjM-1LPlIYcjs6R_ex6JJVzWhutphg_X...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBRBqtATHJEEox6z36Og86s&google_cver=1&google_push=AZmPxg_7x63cvLiHmxFRCyVA7gO7J_v6Hik4bnwkH2hjM-1LPlIYcjs6R_ex6JJVzWhutphg_X...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IQ0VhZkZSRTJ1SEo4NG1tZEdfMzVudEFhdXJFRXZ3Mn5B&google_push=AZmPxg_7x63cvLiHmxFRCyVA7gO7J_v6Hik4bnwkH2hjM-1LPlIYcjs6R...

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IQ0VhZkZSRTJ1SEo4NG1tZEdfMzVudEFhdXJFRXZ3Mn5B&google_push=AZmPxg_7x63cvLiHmxFRCyVA7gO7J_v6Hik4bnwkH2hjM-1LPlIYcjs6R_ex6JJVzWhutphg_XnGxBpcLxRccvJZylUhy-D82mBh

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IQ0VhZkZSRTJ1SEo4NG1tZEdfMzVudEFhdXJFRXZ3Mn5B&google_push=AZmPxg_7x63cvLiHmxFRCyVA7gO7J_v6Hik4bnwkH2hjM-1LPlIYcjs6R_ex6JJVzWhutphg_XnGxBpcLxRccvJZylUhy-D82mBh
date: Wed, 26 Oct 2022 01:54:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 709A
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBpCW7a0fhxsabGcqCSaRm8&google_cver=1&google_push=AZmPxg9oz1vgtifZS...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTEyMDA3NTI2NjI4NDc3ODI4NA%3D%3D&google_gid=CAESEBpCW7a0fhxsabGcqCSaRm8&google_cver=1&google_push=AZmPxg9oz1vgtifZSpZgbAGEMqA-EA1RoT...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTEyMDA3NTI2NjI4NDc3ODI4NA%3D%3D&google_gid=CAESEBpCW7a0fhxsabGcqCSaRm8&google_cver=1&google_push=AZmPxg9oz1vgtifZSpZgbAGEMqA-EA1RoTS9g_jGBoP4qwJ9TdvXKLbVy_9GVP_Ky8TxNgSM5W-8jB9krXTYHLZHRw6iCbzI_ReS

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:31 GMT
AN-X-Request-Uuid: 22c95e11-dfb1-4805-a7b4-60d701d95f9c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTEyMDA3NTI2NjI4NDc3ODI4NA%3D%3D&google_gid=CAESEBpCW7a0fhxsabGcqCSaRm8&google_cver=1&google_push=AZmPxg9oz1vgtifZSpZgbAGEMqA-EA1RoTS9g_jGBoP4qwJ9TdvXKLbVy_9GVP_Ky8TxNgSM5W-8jB9krXTYHLZHRw6iCbzI_ReS
Connection: keep-alive
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 709A 0
12 B 49ms
48ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrjT0i-4KO-VwzmPCrE06aOFieWcvjVOWj7-k_oW1lvGU4giuEK-cTiSZ0_kh58JPIqmltEJM

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 impl_v91.js Show response
www.googletagservices.com/dcm/ Frame 7965 61 KB
23 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v91.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23646
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 21:03:59 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C780 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/ Frame E606 115 KB
25 KB 122ms
45ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 25735
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:31 GMT
expires: Thu, 27 Oct 2022 01:54:31 GMT
last-modified: Tue, 14 Jun 2022 11:41:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9BB9 0
622 B 182ms
84ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugYaCQzW1hujnag1QL7IgPLq_B0nZXxn80XQ2XeG4qoKXxRdYG2v9Jbrmf07PK5kae-YyxvEN9oupLM5uczysY3nY-wL_lcPEwB-3a9tymIAkN_SYObQuLqFi0qlrWiTtQLc7g9nYBK21LVoQDpBkdx8em0Y925alnM3-5L52r3Tg9WyaAIDu3yhYaQA73B8QwlFBeMoQ2X6MCcm5s4M6B2f48nql7Erl4hbup2BWPlHKlOSlP8jhT2IUkLHo8-eyjBexE_P-oUsaCStGaSND0_qYDXDluJ-6EDcIzfXeWnqn8_gxg88hqDznP6QKkGGkAylONyILJFw8TZRhiLy0qtz4VjXaYhnSP4UNBJrabFEsU11rY98mBw4ID6viyM7a7HZEKAByQN_u7ko_hQN8W5Rs3XbVBpM8pNtrMlpb4e8frcX8HYPBCTlYoykckVru9LsfICexFXxalYYUhhRrpxpZhPkzxRIGQg-Idiye4Qlx9kNBneukCEI-x4L70FKgjCha1NVZvgMbvKz1NbVU2R9q8n5X9B__eJ-EWlDqvfWFJGxSaKhgqo5fiddqZDeLfP6YGubn6cRfkOPwcv-mO3cfBSoHgBt8Qb2s6T2V1a_fZYF0gn7i_v7u4bAaMz1bAsKG7_1kPtKxIISxOy-JYH5qaw2wnCvtQ8Iva3q7MRf6P5x8G6UA1igPIDRnN0DZPNYbrn6qbc8ae51CK-x5aFobELaP_SKdlnl7N5evcMl3ie8fgO9BB7TEn35reYn0j1SUG-bmdLeUHN5zGMZTTe5sV-DS4-1ZxcbQbtN-sEAjUxHnjPWi6EIT4qbabhtsecnUoBubrOqdlSkQhA3qcFNhiZS4jPD9AZXHqqWlus7EbfqgbpgH1Fa3DBM_Sp2SHVHqb9B3FA0Y7SfCNpxdl-siqDIVkh4TEp-cZ6MgQHut_ayHBr8e5JDG3--gAXcLodTrFYjhvhupnUV5KEIF4rkD6QuMzB4BiLO80aDlawgt8Vt13HL6AaYXXJ4TLBUaQbBqj0FNl2F2zzY_ZzXAJB0-498ICJKIH5KEHRlVIxK3gLfVxbo6HQ7CXnV8KcXT2UV-e6HNHGo_PY5hAjG_yHxkzTedO555fieyfAhe76j-oTsEl01vaosUPF0n1_91UEkMHfvkRvaMRWv8sntPUMloH0z0PVlQIAw6vz2EuqbLytcsv3q2oUF3QiUm6VIgLfUtkZSCOcCRt9joSSYO7n2nTkjKWL0ByGVf9D8EioFtRTHkbvAbPM2gglAtYX4d4oBvLpodcAX6VlWwa6FODUE_5CgkB13aWIH-MnsLaVR6ClGKGj_1aZFNH&sai=AMfl-YStH92G5vESophlyD8ClN6Hq3Kafpbw4Rn7Djw3Nc_dY7Ei6TD65Si_Qf-F2WVoCi-7OrefDY5XinjrR0QDPzE-CkDH9QDydjS9z5k7BlyJ-XPqYgEOdbm3KVsmbJsa0yqWn42qDjOrZ9CVjtMssnMnYBVqgohUk9e3CUmenDyTXQ3-Twr4FuGhBhecOx1mEkMwvWLC9nyI1F6f1DeHe69QnDA&sig=Cg0ArKJSzASZNhh0qJpAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=204&cbvp=1&cstd=198&cisv=r20221020.65987&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 01:54:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 8130 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H2 200 B28634677.349103066;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2923430905;ord=ht1rvz;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCReTaVpNYY6etF5SpgQeJ4r2QBbj96YNt3NuY-sg... Show response
ad.doubleclick.net/ddm/adi/N5378.3665442DV360/ Frame B25C 56 KB
27 KB 187ms
85ms Document
text/html 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N5378.3665442DV360/B28634677.349103066;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2923430905;ord=ht1rvz;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCReTaVpNYY6etF5SpgQeJ4r2QBbj96YNt3NuY-sgQn6bjwOw1EAEguoj7JWCVuq2CtAegAaCEt4EDyAEJqQJLPTa-frawPqgDAaoE-gFP0PJgFQxtnNUdatBAT-AW79XQ-s8EwcSiJAjZ-UgAT4j8nITQ-1PeJiAZH_5vG9E0W3l9MaLvPs-TSJotG8wylEt_DQPeVvMwtccIn_HoqyCiK9y3USQbDbBSPtZtEzoX69Qy74bIhDPI_K11Wpw8rHbbJPhH-B_z4rSHpKicmdOgOINYCPATi9OkIUYw3UwG7QZTu_B3Zps0hWS9oiO319o4zhNM2cG4jW2hFuaYYPQ-RRQLl_ACC0sh72jdyD4CzyQizLpe4y09vyZeCCdxyUqZxw3LVDqsGGuSVLE2sjVubzihw6ZdBS3NInWU3nWH9IPzhmwNCANUwATTgcXInQTgBAOQBgGgBk2AB8j7yH6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAzgAoDmAsByAsBgAwBsBOw5PQQ2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoF-q3ecYvYYNAZqfQtznlTWrv1iSxg5adfJeXWGrZmAANF2X9Ew%26sig%3DAOD64_39-qk_8JM1h6KTlW3DosK7YNDViA%26client%3Dca-pub-6042373951237502%26dbm_c%3DAKAmf-A8yRUm0vdrb--tfkf6ovEhPNnEsftjuTouadA8jJv9UTwjqfmzY2_6U9ruxIxFM2dnFV-Zl11-f_agCT1Vz8PWtQJk2FOuwD0y-GWd6-r9yLIq2GHiGlasAI84AStzKa7pW0RDvqKkJuaEze4rzzzbbRgJzZjUuIyqzdBEhXkTv6cgGiI%26cry%3D1%26dbm_d%3DAKAmf-CsWWDo353mYM_8rmGCBcpmOSe7qv1LevOCKBs_F08EL4eZbF3ll2AbgNMvnIGYS0VXnpPos2644IjyvHclZHPTSRo1auq6BS0GCSP2D-NRV0xiep0jw0el2gl9koU5pMK-xV6eITytWi-Sc68Ps0xYoriCOTmBvPOpKv2MHgd9tPT1uzsB-16BDO3pAfu2r81A781140tjbukHrWjaZLGGkSWdCMZGIKnIqWKvo1b3E3BBd6Z9UX-4zJ8tbKHjHzppxQ6QBhpTpCX4y4q6p5XjuryRs7QraO8PmaPZ2ugSKJcJ65Z32zP6FEHSrin3QWDOBH1xGz39gapuZ--Kk-vw4qRtoMNx7lTVnsug3VpdOujV2z74hAJ43vF3fo8aJpcWwe8To2CS41jxnGGac-JyNpSSJH0rVjEFMLl30MCupyJlxxO1UPXpNkAuEu3cSz9hCHdrZZH3DStzQfrp5KS21SJtA5xR-hoUZ9tQlO5OOKmA5k5Y7Uo5KrAkCQB_TIfsioQdiNU33s5fVgfRJaE1OzaLhInnTRQFUsV0J-p82BLlZgs%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wtnzfox43.com%2F$0;xdt=1;crlt=9VlA7lWQWF;stc=1;chaa=1;sttr=53;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

91020ed5f440c5b6143d89d9c1e3da9135cfaa3fb441eb9192c5bde56c298ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 26916
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7965 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 296461b633e7a0252ed0f8dcce695fd21336593dc55f108d6cb29f605e39e1e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame C780 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E606 118 KB
40 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 11:10:17 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4092 42 B
64 B 148ms
72ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWtFTyY2voc4Sh80fZOtNXbDBaUJShesn7oSDA6iEmhkwq7q1U6sR3nuCrJ9PWIjPfpUwRkfa9fhmFfbpMeLpPZpf9yExX9faQkGF76DHPAKmkV-1P&sig=Cg0ArKJSzD1_v2X6MnXyEAE&id=lidar2&mcvt=1006&p=159,436,249,1164&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20221024&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=556621095&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666749269907&rpt=296&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 11086046652798049672
s0.2mdn.net/simgad/ Frame B25C 58 KB
58 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11086046652798049672

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5378.3665442DV360/B28634677.349103066;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2923430905;ord=ht1rvz;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCReTaVpNYY6etF5SpgQeJ4r2QBbj96YNt3NuY-sgQn6bjwOw1EAEguoj7JWCVuq2CtAegAaCEt4EDyAEJqQJLPTa-frawPqgDAaoE-gFP0PJgFQxtnNUdatBAT-AW79XQ-s8EwcSiJAjZ-UgAT4j8nITQ-1PeJiAZH_5vG9E0W3l9MaLvPs-TSJotG8wylEt_DQPeVvMwtccIn_HoqyCiK9y3USQbDbBSPtZtEzoX69Qy74bIhDPI_K11Wpw8rHbbJPhH-B_z4rSHpKicmdOgOINYCPATi9OkIUYw3UwG7QZTu_B3Zps0hWS9oiO319o4zhNM2cG4jW2hFuaYYPQ-RRQLl_ACC0sh72jdyD4CzyQizLpe4y09vyZeCCdxyUqZxw3LVDqsGGuSVLE2sjVubzihw6ZdBS3NInWU3nWH9IPzhmwNCANUwATTgcXInQTgBAOQBgGgBk2AB8j7yH6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi01MDkxNzk1NDY3MTY5NTAzgAoDmAsByAsBgAwBsBOw5PQQ2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoF-q3ecYvYYNAZqfQtznlTWrv1iSxg5adfJeXWGrZmAANF2X9Ew%26sig%3DAOD64_39-qk_8JM1h6KTlW3DosK7YNDViA%26client%3Dca-pub-6042373951237502%26dbm_c%3DAKAmf-A8yRUm0vdrb--tfkf6ovEhPNnEsftjuTouadA8jJv9UTwjqfmzY2_6U9ruxIxFM2dnFV-Zl11-f_agCT1Vz8PWtQJk2FOuwD0y-GWd6-r9yLIq2GHiGlasAI84AStzKa7pW0RDvqKkJuaEze4rzzzbbRgJzZjUuIyqzdBEhXkTv6cgGiI%26cry%3D1%26dbm_d%3DAKAmf-CsWWDo353mYM_8rmGCBcpmOSe7qv1LevOCKBs_F08EL4eZbF3ll2AbgNMvnIGYS0VXnpPos2644IjyvHclZHPTSRo1auq6BS0GCSP2D-NRV0xiep0jw0el2gl9koU5pMK-xV6eITytWi-Sc68Ps0xYoriCOTmBvPOpKv2MHgd9tPT1uzsB-16BDO3pAfu2r81A781140tjbukHrWjaZLGGkSWdCMZGIKnIqWKvo1b3E3BBd6Z9UX-4zJ8tbKHjHzppxQ6QBhpTpCX4y4q6p5XjuryRs7QraO8PmaPZ2ugSKJcJ65Z32zP6FEHSrin3QWDOBH1xGz39gapuZ--Kk-vw4qRtoMNx7lTVnsug3VpdOujV2z74hAJ43vF3fo8aJpcWwe8To2CS41jxnGGac-JyNpSSJH0rVjEFMLl30MCupyJlxxO1UPXpNkAuEu3cSz9hCHdrZZH3DStzQfrp5KS21SJtA5xR-hoUZ9tQlO5OOKmA5k5Y7Uo5KrAkCQB_TIfsioQdiNU33s5fVgfRJaE1OzaLhInnTRQFUsV0J-p82BLlZgs%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wtnzfox43.com%2F$0;xdt=1;crlt=9VlA7lWQWF;stc=1;chaa=1;sttr=53;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a994d8788ddbdc30d69ffbbacbe91e05b5f1fcc463975dd736d408c7e8536ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:40:28 GMT
x-content-type-options: nosniff
age: 76443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59639
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:08:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 04:40:28 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/xfa/ Frame B25C 10 KB
4 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4037
x-xss-protection: 0
server: cafe
etag: 4842123143989086801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:56:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame B25C 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:20:54 GMT

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/ Frame E606 363 B
293 B 64ms
63ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 16:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:41:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 16:27:36 GMT

GET
H3 200 kia.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/ Frame E606 23 KB
23 KB 39ms
39ms Font
font/woff 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:45:55 GMT
x-content-type-options: nosniff
age: 43716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23072
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:41:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 13:45:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B25C 152 KB
46 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:31 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B25C 0
26 B 150ms
73ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqsn2n2Jw-dVx5wmAQMlFXb_Rb7n_Iy8gQjCRRyQJF34P211GwmXFFUxo0NI9cCxe2_80H6c_m0CqIr-GTi5C-eqHoMmWTz7qPDj1uhqtcit3cr349MO3UIijyTAXUyH53eOdD1-cxrDHDC7XkrwQd_ESSSkIowfkmHg&sai=AMfl-YT4T6r5BEinZtqD2WzSdaHsziSCZyYWI7aF--_pxRdtMhgaajfz-cFrsM7A5_aYPQo5k5fwgJCImInGR2Gh_pHjzChBAbiwXbDAU-bd&sig=Cg0ArKJSzFi0sXuE0HjhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221020.17835&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B25C 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E606 7 KB
6 KB 55ms
55ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd9e6438825cf79e52a216abe1a0998abd4671073f5280016547b66dd873c889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5715
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8130 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhP6NVpNYY8_wLPe4x_APxOulgAcAAAAAOAHgBAI&bg=!f3ylfDjNAAaaxvStusY7ACkAdvg8Wtiq_DOiZ1-fMb-LDuoAMRrouuPHGqZTijo0ravVFE0ji2QIFwIAAACZUgAAAANoAQcKACX4Dm6f-i0KDuO5GXrcXKxPtnMc3t6s9cVXW7lpijv0RzX0yccimQL2D1rJvr7kFWXL6rw0pfJkQ6GMC7F80UoNo-fjXBntuY2wzUmVhLH02rXws8vRi6G-GiPIHIRA7NFJx1oJwtvZ6J_xMN5Exl1JxpziSqpABB8pU6zR26WGDR5MpYS9mv0Vvr-L5oVx-6q8XqCKkPX22ABpe5gfTT_yew_hhirCwheX5TSQxfwR4QRhLMIVKFz2wq1XNGkVggCc4sLeO1cbbGYtrcoRazO9c7jZb_rGHzd-S-F3zZhswI8HjAmgmx_G5zH7rVR3o-mDsFBRYuLqqabjHhOS_z-EOY8Iy3MPANryhEegxsMzzcN0Ld4rEMbnR1BEn4YVZ3svDWqK-H2NVAhosqGQrfiwyY8Jb1eMz4MVHTchuc_0rlmXsvs4CRBb2eColQgVnr7VcqGJRFxSU74tiufMQbiQwLk-vqy-MduVH6oeLVjS1sL75YYYddvJF9jXtPcynLwuuxTi1N8fkDRy6CXtRBBTeaenBKn-milq9NsR7YGEncnS-8ASaPM2kAYUC-4gwmJ9BzhDq1YC2Iw4qjbqOI2_-VOVqQ25FvKEyuTLfqDadzNOtTFB_z2DG7QMiUgCyt_T3BmFKUOYwicsRfOT2BdtD9MkyT85puzjvTwQTjeeHSFHcqhL0EdGCZy3j5lts036qfASiZycsT55i5d3iOXtNXxfGtB4fBKgV3iOQQAn86_xZwsQJNzwhLyFPYu7dbt0Kd_yDZbQrtU2mLYXD6SsihZwAU29Oa4l7xzrtet_qmXtzrO46BI1LF0pC08fNKcS_pvU-Qw1_oBQUqxsI2PdxZ0iuMVfmCCMSgTjg0l-mxu1BiZC1yZm6gYdNcdiYyKFEC0lFEt7IwrMbQNQHCVWNtwOCCoz5CDmbcIHs6OkkYrhIgsn9UdeKT2c6f_SW6xxeN5Y_kx8GnJZlrPvV0cGD466_wYeNaycfiCaUrGhXspTYek1lZTIg14gTPQ8UaSoekjMlWUYYYwOqPoeIDAu2BFW-_DQphmWF6IssG8

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9BB9 0
26 B 127ms
75ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugYaCQzW1hujnag1QL7IgPLq_B0nZXxn80XQ2XeG4qoKXxRdYG2v9Jbrmf07PK5kae-YyxvEN9oupLM5uczysY3nY-wL_lcPEwB-3a9tymIAkN_SYObQuLqFi0qlrWiTtQLc7g9nYBK21LVoQDpBkdx8em0Y925alnM3-5L52r3Tg9WyaAIDu3yhYaQA73B8QwlFBeMoQ2X6MCcm5s4M6B2f48nql7Erl4hbup2BWPlHKlOSlP8jhT2IUkLHo8-eyjBexE_P-oUsaCStGaSND0_qYDXDluJ-6EDcIzfXeWnqn8_gxg88hqDznP6QKkGGkAylONyILJFw8TZRhiLy0qtz4VjXaYhnSP4UNBJrabFEsU11rY98mBw4ID6viyM7a7HZEKAByQN_u7ko_hQN8W5Rs3XbVBpM8pNtrMlpb4e8frcX8HYPBCTlYoykckVru9LsfICexFXxalYYUhhRrpxpZhPkzxRIGQg-Idiye4Qlx9kNBneukCEI-x4L70FKgjCha1NVZvgMbvKz1NbVU2R9q8n5X9B__eJ-EWlDqvfWFJGxSaKhgqo5fiddqZDeLfP6YGubn6cRfkOPwcv-mO3cfBSoHgBt8Qb2s6T2V1a_fZYF0gn7i_v7u4bAaMz1bAsKG7_1kPtKxIISxOy-JYH5qaw2wnCvtQ8Iva3q7MRf6P5x8G6UA1igPIDRnN0DZPNYbrn6qbc8ae51CK-x5aFobELaP_SKdlnl7N5evcMl3ie8fgO9BB7TEn35reYn0j1SUG-bmdLeUHN5zGMZTTe5sV-DS4-1ZxcbQbtN-sEAjUxHnjPWi6EIT4qbabhtsecnUoBubrOqdlSkQhA3qcFNhiZS4jPD9AZXHqqWlus7EbfqgbpgH1Fa3DBM_Sp2SHVHqb9B3FA0Y7SfCNpxdl-siqDIVkh4TEp-cZ6MgQHut_ayHBr8e5JDG3--gAXcLodTrFYjhvhupnUV5KEIF4rkD6QuMzB4BiLO80aDlawgt8Vt13HL6AaYXXJ4TLBUaQbBqj0FNl2F2zzY_ZzXAJB0-498ICJKIH5KEHRlVIxK3gLfVxbo6HQ7CXnV8KcXT2UV-e6HNHGo_PY5hAjG_yHxkzTedO555fieyfAhe76j-oTsEl01vaosUPF0n1_91UEkMHfvkRvaMRWv8sntPUMloH0z0PVlQIAw6vz2EuqbLytcsv3q2oUF3QiUm6VIgLfUtkZSCOcCRt9joSSYO7n2nTkjKWL0ByGVf9D8EioFtRTHkbvAbPM2gglAtYX4d4oBvLpodcAX6VlWwa6FODUE_5CgkB13aWIH-MnsLaVR6ClGKGj_1aZFNH&sai=AMfl-YStH92G5vESophlyD8ClN6Hq3Kafpbw4Rn7Djw3Nc_dY7Ei6TD65Si_Qf-F2WVoCi-7OrefDY5XinjrR0QDPzE-CkDH9QDydjS9z5k7BlyJ-XPqYgEOdbm3KVsmbJsa0yqWn42qDjOrZ9CVjtMssnMnYBVqgohUk9e3CUmenDyTXQ3-Twr4FuGhBhecOx1mEkMwvWLC9nyI1F6f1DeHe69QnDA&sig=Cg0ArKJSzASZNhh0qJpAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=536&vt=11&dtpt=332&dett=3&cstd=198&cisv=r20221020.65987&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B25C 7 KB
6 KB 53ms
52ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a13ff1bc382c3542e9cc1e6ef0a51a45f7b7ebec20083142b19fe771ea4f25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5783
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B25C 0
26 B 120ms
75ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 motif.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/ Frame E606 451 B
341 B 41ms
40ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/motif.svg

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 16:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:41:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 16:27:36 GMT

GET
H3 200 logo_kia.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/ Frame E606 1 KB
702 B 41ms
40ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/logo_kia.svg

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 674
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:41:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 21:04:03 GMT

GET
H3 200 23717839_20211026020519412_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame E606 29 KB
29 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026020519412_bg_01.jpg

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd323d8762bfe107930a69fab5d99df2b9eb7fcf1e266bfc801113a0d4d9620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:49:01 GMT
x-content-type-options: nosniff
age: 43530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29911
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 09:05:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 13:49:01 GMT

GET
H3 200 23717839_20211026033458094_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame E606 30 KB
30 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026033458094_bg_02.jpg

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7993d2d8d1e84feef5eaa4d8c9dcbc44367875122baa1b6760d9150711f4577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:49:01 GMT
x-content-type-options: nosniff
age: 43530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30908
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:34:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 13:49:01 GMT

GET
H3 200 23717839_20211026020525850_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame E606 29 KB
29 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026020525850_bg_03.jpg

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3435b89855d83510f5b3dcc3d0bfe4d8b7848a76c218d939fa4cbcc43d004f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:49:01 GMT
x-content-type-options: nosniff
age: 43530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29523
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 09:05:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 13:49:01 GMT

GET
H3 200 23717839_20211026033502008_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame E606 33 KB
33 KB 61ms
61ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026033502008_bg_04.jpg

Requested by

Host: www.wtnzfox43.com
URL: https://www.wtnzfox43.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f144c4faf434bfe66e01058d20974e19961adab4808beaaf9735871e930d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61877903/20220614044128194/index.html?e=69&leftOffset=0&topOffset=0&c=HxHgGL9af9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:44:55 GMT
x-content-type-options: nosniff
age: 43776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33944
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:35:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 13:44:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C780 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2x2aVpNYY-T_N-K-9u8P-s-98AcAAAAAOAHgBAI&bg=!7u2l7anNAAaaxvStusY7ACkAdvg8Wt0F12AJqMQ9jJxAZnq6x6V7OK3yqdRKCOGfB4S1uxOFo2BhdwIAAADHUgAAAAJoAQeZAugytXrOEZOm4YM6K3k7BlC-j4cEmxYdTZFma6Z_nP8ScPrup0ybI6loIA3r55X0-Bfrg3QjR9j5ZYrH-Vokh5Tl3R96aENVT_fxYDoMDnEKiByZbXr78zKVJBLipa7Xfq5zSpPQ-yz3Hm7xTNm_M_7rGNfhO1oKHLD2v8wRdm0VQw7TlvBUbTiw41WzoB9bI53_W-5NWtjj7EfoFewcTwBwLTWKPEf1r6oygm_anfQ6S-4cQRRm0OFgMnuDXalX4N9haiOkRFSr7t4WjcK_Z-uVzctvLdMkCJ1OjaUKOPWTPslEE27g9nKbkoWTKOUJ2vXgoeriL02kbrpBmvidR4PeTcbZd-n_hlca7PhSEMRsqXHpgmO3JHswz-MRXQjd9-lBJTObLmKHPl2YQfivbierOHalILKwM3ALg9wwXzbu7uHyGr-tkLYYml5uFfVrqZGuOsZ3zOZNHk2EItEk-Sr_Cy6QmSY_BX7WnWf_x75mJ5AJEYlOBPlCN0HtG2qDFHDYOCCLW87mXUND4dV2aIJcpJOIns4NRMIj499b1_aEUugiYg0UJZ29YPq71fPOmcyOZr2em_Dh2W0Xwr9z9goNtsQ39zTgNBZnvTccde_XwVe2S8K5ggReWcfuvxNfsTg2N3jg2vCTGbVJ05yDX5n7FgyIQKjLpF-CMLlBwU4I2bWdJc576eLWmv-4J2qlK6tuZWHDcUzVwN3sD781J6k6YyfHtN03nHmWtOjD9Qd_VlXXxWUc71BBzLn7T2PqJbQk1xBei1Njeeri3ZltzM9ck_YO-fmnVKkJovGWEuVDGL9iXALvDJFFYHAGoDpJnGiZR2Q6uwtWmwElclyDG-SDPW_8UTsYbL7uXbJZfVpqY4ma6CV5mpGi5FVUKY6nALBk9l7NnZ9gkUnHxc3T2gVeptzjJPtnyZ_5xV9Oz7qVQAW8Df47BoyUEVuJaXaVdvyWOBjHUQE4YhxiDCFiQ3wAy6jEeP0Wx90

Requested by

Host: bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
URL: https://bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E606 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DA22 22 KB
8 KB 38ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B25C 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
56ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c8607f98a261f6241e6190d0e6d562d6ab86b03dc42244d18db1de553285f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11308
x-xss-protection: 0

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame DA22 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame DFD0 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H2 200 19735316_G.png
wtnz.images.worldnow.com/images/ 87 KB
87 KB 53ms
52ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19735316_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb34f457eb1450647f33550f34d9d923bd84c951cd29ed054dc971c9504df650

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 88870
cf-resized: internal=ok/h q=0 n=46 c=48 v=2022.9.7 l=88870
last-modified: Fri, 17 Jul 2020 21:22:31 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfCyty-VwvuBDadHob1yXRiQ:68426079e5b3e6eb411d6b5ae27050a9"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908338bd9b39-FRA

GET
H2 200 21364769_G.png
wtnz.images.worldnow.com/images/ 88 KB
89 KB 63ms
62ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/21364769_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc33f480058b9a47dd95d196a54b95ea6f259eb1aa4c60189569f2b368b726a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 90504
cf-resized: internal=ok/h q=0 n=30 c=52 v=2022.9.4 l=90504
last-modified: Mon, 13 Sep 2021 13:12:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf69LZpcjNbEv5wM4u7x9G2g:d7440d36a4be0d617fd94e9e551689c4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908348be9b39-FRA

GET
H2 200 19735317_G.png
wtnz.images.worldnow.com/images/ 145 KB
145 KB 56ms
55ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/19735317_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39391ef393928883c636aec639c7951302bce1862e24b5e80d2d729f25d0c6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 148368
cf-resized: internal=ok/h q=0 n=18 c=26 v=2022.9.6 l=148368
last-modified: Fri, 17 Jul 2020 21:22:34 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfD48heneJOQ35eMJOq6n0qw:28b6d63eca4b5218e30a8c4bc07faa4e"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908348c09b39-FRA

GET
H2 200 23522128_G.jpg
stacker.images.worldnow.com/images/ 7 KB
7 KB 56ms
55ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stacker.images.worldnow.com/images/23522128_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666191121000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec0cf7c1797e6534470bccea76daf1e0b8d07fb96cec70a1ccafda988ecef29e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6960
cf-resized: internal=ok/h q=0 n=8 c=6+23 v=2022.10.4 l=6960
last-modified: Wed, 19 Oct 2022 18:52:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfHZBJVJHtRILBWyS2zsQZvQ:2745c2b5ef129d7c49fab03d1711b752"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908348c19b39-FRA

GET
H2 200 23538528_G.jpg
cntsyncont.images.worldnow.com/images/ 2 KB
3 KB 55ms
54ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23538528_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1666492479000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2fc60091c50cbed19d697ea916e905d4c9174050ff6af1930b6ba87b65621b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2422
cf-resized: internal=ok/h q=0 n=4 c=3+8 v=2022.10.4 l=2422
last-modified: Sun, 23 Oct 2022 06:34:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfhuu5o20oBRXMGmz2WAkL-Q:0f70a64a63b9f9177817f1ac952ae41e"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908348c29b39-FRA

GET
H2 200 23477332_G.jpg
cntsyncont.images.worldnow.com/images/ 8 KB
8 KB 51ms
50ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cntsyncont.images.worldnow.com/images/23477332_G.jpg?auto=webp&disable=upscale&width=180&lastEditedDate=1665509455000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38ddc763f362ec861248b814820095bc3feb499f5f684251b4a85d4ad3cfeee4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 8249
cf-resized: internal=ok/r q=0 n=24 c=8+16 v=2022.10.3 l=8249
last-modified: Tue, 11 Oct 2022 21:30:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfPIpaIQpqnJmjV63_Eofmwg:19e5d2e72dcafcfbd104ce5a860dd191"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908348c39b39-FRA

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D05 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 01:54:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 09B5 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtnzfox43.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:08:48 GMT
expires: Wed, 25 Oct 2023 21:08:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5AB1 783 B
536 B 49ms
48ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09245aefdc0f18ce1293408d3d9a12a4613732e0175cb82432af2d7369c58acf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aXbUP9b8Jjbgk3dh40hZ2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wtnzfox43.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-aXbUP9b8Jjbgk3dh40hZ2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 01:54:31 GMT
expires: Wed, 26 Oct 2022 01:54:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 20052938_G.jpg
wtnz.images.worldnow.com/images/ 22 KB
22 KB 52ms
51ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/20052938_G.jpg?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61e3a2fbda2801e791779eca0821cb7de5621a0a7788d11dc2160e1658af3885

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 22437
cf-resized: internal=ok/h q=0 n=18 c=55 v=2022.9.7 l=22437
last-modified: Tue, 10 Nov 2020 14:28:51 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfyoTxFN12jV5JrbKoxLB_PA:a59276e0c550e8a6dd1bec1ab7ee7bd9"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908489cb9b39-FRA

GET
H2 200 20052939_G.jpg
wtnz.images.worldnow.com/images/ 20 KB
20 KB 53ms
52ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/20052939_G.jpg?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05c8c30004325bfefcec348b8704b922992270a0f4c95a01a32e36b9fac4ce4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 20082
cf-resized: internal=ok/h q=0 n=30 c=81 v=2022.9.3 l=20082
last-modified: Tue, 10 Nov 2020 14:28:51 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfyYVNjZBC0GToN9MKzskyNA:54dc872f6ad4a64f2d7d427c08ea6a30"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908489cd9b39-FRA

GET
H2 200 20052940_G.jpg
wtnz.images.worldnow.com/images/ 20 KB
20 KB 54ms
53ms Image
image/jpeg 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/20052940_G.jpg?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4fa342f34a92e366ecf2cac6b1f18d8799c44effe9504766c900b227a653dc4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 20174
cf-resized: internal=ok/h q=0 n=19 c=46 v=2022.9.6 l=20174
last-modified: Tue, 10 Nov 2020 14:28:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfGJgkRFwnxP68sBOHNXqOmA:79fd7e8dc66daba747f92b5dc3d82c1a"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff908489ce9b39-FRA

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA22 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6ZljV5NYY7CbDYe89u8P55-VwAEAAAAAOAHgBAI&bg=!REelRwPNAAaaxvStusY7ACkAdvg8Woz7cKoTet_sd7-xX-pN5VRf3L8IatOsNkN4sKU_2v6J6EnIlQIAAACxUgAAAAJoAQeZAxna3nAnfUUsUIzwVeXSTl_rbkMgXZmGwK0rbO478qlengRGFetGQgbe3tCLjCNcBTblJpUIgfUXj-C9qjRU3bNEUkkmwl0BAOmEDuZXQINXrjvld5PIwCT7wlBIjsn6wXZaZdGYQwvuIjMi9P3LdXEWlpDUs9qBifTY92eLPIM3HPQTO2Awa2S7byZRPFKIRRJWHFRhu9D_BQD8P8X_BSSTNnS8eCbw5_KFeOzPbl9idTy28Ohc0aFWOz37eNbMMm-0SaaCFp-UC46PVfSATe-iNn9QODkqVVh5HOh_dw9A_4HTBrYikwGiPtxjalKjo35bxTcjRvy6Yw9Bjsr0h8cw-G9uR34sap6itXnnv0Xik4N99Q34BjHp-lP0cXwDDSnDbP8k_iOznr10BsuGdhqFJey2KZsTjYINxEXlW7GIg5NN4HPuHMpS1eikxpQXivAQA3f8A54Dx40phnxnIMY-r9xWPZkHFC5Y3Q2KXAaW7j56BeNqYWBiN5Xenh6_45tqXwpldd5HBbxkfto8xaRailJAswXVXDUsaRYmc9elwL8uIBUeJOeX0RkNmUV5FUtq8UoqRlD9gSrYfZXlDT9BAh0wkXlg2AC-AFrKb8J_30IcPJQ7q4W-cLA4uPIKmSXwxuYLPiG8FyqWb0Tc6eMKCzJxqaaO-VxF82kXsbJiwH9JVk_P36BKFxin8w9ZDmfSdEuyviUhGuvpuVhrVGfs74aXozWEVkmToOvi8X8lZD02UO1GAVnR1hHEX5K5XNnFaPsD3g__s--fGeFM_FJ3bs_XAMM-KaaLDIH8z_vRinamk9DaP7Njb_ImlZpG1tP6mmINmQ14FbxRJxvAOYOQMrxeoqPz_8eaOBLrcsHFrF118YdWfZPPdmNf-Zl8ScjXkJkwnouya3qx9we6Lvy3DOfrn3GGJ20a7kt-J-iKpHK1JwRuXoqQslFb9uBwC2H2PxhekAJrMKIvEabZBxVaskwEb8mU8D3u6qbG8HmVq9Jkme8ie8ITv4pmReMVyQx9CHbbSfFCOBN_1PzRs0TEm5E3PAC1508t

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 01:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5AB1 0
0 71ms
71ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=1744550744521387&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 09B5 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:34:37 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 09B5 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uN4j3Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 21364775_G.png
wtnz.images.worldnow.com/images/ 36 KB
36 KB 58ms
57ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/21364775_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18fa38e6390e8fb8ffcba6769a82e79dc8651e7caf24470ff5d88be5040ea4ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 36715
cf-resized: internal=ok/h q=0 n=35 c=23+80 v=2022.10.4 l=36715
last-modified: Mon, 13 Sep 2021 13:15:08 GMT
cf-bgj: imgq:74,h2pri
server: cloudflare
etag: "cfm5F5a2ZmbUQkZXIkvjHLqw:deea409912c2204e11c6421545d581e4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90857aa59b39-FRA

GET
H2 200 22945435_G.png
wtnz.images.worldnow.com/images/ 36 KB
36 KB 58ms
58ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/22945435_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0aefed17f3898a496e814187ce47a0ce5bc44c1df5ec0cc817a49957d40269c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 36728
cf-resized: internal=ok/h q=0 n=43 c=21+88 v=2022.10.4 l=36728
last-modified: Tue, 05 Jul 2022 13:24:03 GMT
cf-bgj: imgq:93,h2pri
server: cloudflare
etag: "cfgDf8lIICCV7Z0XFULLR7Aw:ea5e1ec7b79d34497c970d3de35a2e53"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90857aa79b39-FRA

GET
H2 200 22952490_G.png
wtnz.images.worldnow.com/images/ 96 KB
97 KB 56ms
56ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/22952490_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30cdb7a1767a93042d5e87403201bb987f61d7c1eb6d567ffe44ff7a33ab496

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 98764
cf-resized: internal=ok/h q=0 n=11 c=32 v=2022.9.3 l=98764
last-modified: Wed, 06 Jul 2022 15:15:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf1QnRlY8-WSJELuCZjjObVA:86b907feca027bb3a765dc70d0e0ed2d"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90857aa89b39-FRA

GET
H2 200 22966023_G.png
wtnz.images.worldnow.com/images/ 68 KB
68 KB 51ms
50ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/22966023_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c652c3a9ba7b2a2f8b258f3a7b838fdc9c9bd468c3c440ecaaf5a985afdf26a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:32 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 69839
cf-resized: internal=ok/h q=0 n=16 c=48 v=2022.9.7 l=69839
last-modified: Fri, 08 Jul 2022 15:52:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfCGsViluqarDiDSTl7h-RYg:d22d1ff31731b742166d86ffbd5ad437"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90862b5c9b39-FRA

GET
H2 200 23010095_G.png
wtnz.images.worldnow.com/images/ 136 KB
136 KB 57ms
57ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/23010095_G.png?auto=webp&disable=upscale&width=348&height=196&fit=crop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ba72f5cf472a375a0ea6b22844849ac07020de94ac09ab1eef4dbfd323cb030

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:32 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 138939
cf-resized: internal=ok/h q=0 n=32 c=44 v=2022.9.7 l=138939
last-modified: Mon, 18 Jul 2022 15:03:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfs7tfrzBpYsftey2PYVQ2Ew:2d3143559175f17004380f01a8ce07c5"
vary: Accept, Accept-Encoding
warning: cf-images 299 "You must select exact format in your Worker first. 'auto' has no effect here"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff90862b5d9b39-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=1744550744521387&bg=!_f6l_rrNAAaaxvStusY7ACkAdvg8Wp8vIK3Cx0K0OJYH2bfcIMoFa0_1U2VSH8XXIRLL_DvcWfsMgQIAAABJUgAAAANoAQeZAp5smDtdpGXl9m7XMRBx8Drqzmb5zIV9-JSb_PQ0WRfn0KbyMOm7x0E8qjnetLI5Okjx7y6TuZhDLwa_yCAt_DEo4vHMKi5kwBrE8-FVDKDNan_yu5hpYnz1yX10SRY5LvXrCPypD4th0pN0C3WvZnrpDtfUyrgWNHkyU6Joa5ZZ543D3YvGTbwPBw7cNH7DCA7tJpfIn2ujEpECNLb50xHKr6WSfSFqJoa1xkcw1nYIL5a7KM5dCyJ3w99FY32hh1hlV-VwEFtYMHRoZqXR6cn_AvUAy5iXFm1r7ifiOnf54G4eXs6CaZvU_jXRoHdMK_XRaIpvA71-zbFgvXysbG85qHXy29DIlG07gFPAoodNNiugd8Ng4BaQbWJfQ-FgH9PZIHIL6jDsbxiLq9FtEjOCwTt3hMmcPlKqBpvopoPhPbDIlJiYpFYhvm7y2_Rffu6f_IMQz3ne6r-H-Pig16UvjvaCyYtvaOOz723Lj6F2qU9Mzgf17QfmR5QDMXalB6ff6zcK1A0wVy0X-wioVwMkwFuKg429GsbqY2KgLcQda3wD0Wb7C1S8Aj8ymuVGGXJhDd0qZN2IOKgxPW8snZLJe3Tv9wua_w-dxc1mpnnLHE-KyGzewJa2Mod_DM_2Btzb4Q2JnsvyA91wzgFQDnkAngyR9D2MmEuf5UmUPYoBmE8xwNvDlIGZIzvqQafK09JqYmfK4u-oHaIJCTF-UJmKvDr1N8wmOeOZW-jiaaTzY2ld_gb3rHIftiaNBHDhGfOSild-n0DGi9cwa0TD9ueLcZXiVBZflNvTXws1xmLmqRCBsHwpatM_jlBOnVECj7In4VO7Ofw5aVrqcGkgPeSZeipbZF2VhwHRHX5F7i6RFTvenaiggtMXUFsAc7qt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 resources Show response
www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/ 841 B
605 B 1125ms
1125ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/resources?zipcode=37763

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e436a334295bae90d709c74b9dc308aeea59caea23cc6a8d034f50bc7fd67688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 460
x-xss-protection: 1; mode=block
x-response-time: 958ms
server: cloudflare
etag: W/"349-ndK7PD/p5OlOJhCaP7bs09ZDKZM"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff908a1bc35c1a-FRA
expires: Wed, 26 Oct 2022 01:57:33 GMT

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame 8B31 0
229 B 124ms
45ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=752090717704481b930b2d17757b290f&gdpr=&gdpr_consent=&vdur=248&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=202&tetms=10&msltms=84&vltms=248&sei=289&vetms=5&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8648&msrcannum=4&ismms=31&isumms=30&nvr=6&isgmmims=31&isgmv4mims=31&elmtp=3&isbxdms=3031&b11=3157&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&lftb=3157&sftb=3157&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=955&isuiabvms=955&isgmpims=30&isgmv4dpims=955&ispmxpms=955&engalms=29&dvp_hdnAd=0&dvp_dpr=1&ttfurm=3275&cbust=1666749273513853
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 26 Oct 2022 01:54:33 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/25/2022 01:54:33

GET
H2 200 21364769_G.png
wtnz.images.worldnow.com/images/ 543 KB
544 KB 59ms
59ms Image
image/png 2606:4700:4400::ac40:948a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtnz.images.worldnow.com/images/21364769_G.png?auto=webp&disable=upscale&height=580&fit=bounds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:948a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec0e3f92110fca6618d2ceac26bbdf5f422291246d34c5fe3a628995e0af0925

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wtnzfox43.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:34 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 556496
cf-resized: internal=ok/h q=0 n=19 c=138 v=2022.7.2 l=556496
last-modified: Mon, 13 Sep 2021 13:12:54 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfkx3EMyzr2AogAK3o7ENiEg:d7440d36a4be0d617fd94e9e551689c4"
vary: Accept, Accept-Encoding
warning: cf-images 299 "Format 'auto' ignored"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75ff909459539b39-FRA

GET
H2 200 resources Show response
www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/ 848 B
610 B 515ms
515ms XHR
application/json 2606:4700:4400::6812:27f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtnzfox43.com/api/componentInstances/header[0].cols[0].components[4].props.weatherWidget.props.zipcodeData,/resources?zipcode=37738

Requested by

Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10763/app-a708c222c663fd6ca8a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a9df8b55d32f00a6158e117f1bf8d9d3a9258fec5001c26c089f8c484830c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wtnzfox43.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-length: 461
x-xss-protection: 1; mode=block
x-response-time: 330ms
server: cloudflare
etag: W/"350-szeNpQKrXor36Z0tToLTLOq0aWE"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=180
accept-ranges: bytes
cf-ray: 75ff909cdf6f5c1a-FRA
expires: Wed, 26 Oct 2022 01:57:36 GMT

Verdicts & Comments Add Verdict or Comment

386 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wtnzfox43.com/	1970-01-20 16:35:09	Name: _ga_F3QMS4WPJ8 Value: GS1.1.1666749268.1.0.1666749268.0.0.0
.wtnzfox43.com/	1970-01-20 16:35:09	Name: _ga Value: GA1.1.1805160477.1666749269
www.wtnzfox43.com/	1970-01-20 16:35:09	Name: _lang Value: en
.wtnzfox43.com/	1970-01-20 16:35:09	Name: _ga_frankly Value: GA1.2.1805160477.1666749269
.wtnzfox43.com/	1970-01-20 07:00:35	Name: _ga_frankly_gid Value: GA1.2.217135678.1666749269
.wtnzfox43.com/	1970-01-20 06:59:09	Name: _dc_gtm_UA-82494642-224 Value: 1
www.wtnzfox43.com/	1970-01-20 16:35:09	Name: _ga Value: GA1.1.1805160477.1666749269
www.wtnzfox43.com/	1970-01-20 07:00:35	Name: _gid Value: GA1.1.1889661782.1666749270
.doubleclick.net/	1970-01-20 16:20:45	Name: IDE Value: AHWqTUkm4BAFT8lhfJoSsb_POi1M6vS5v7IsFh23l6QanEFV-h0QekOc664kTO3BYjA
.wtnzfox43.com/	1970-01-20 16:20:45	Name: __gads Value: ID=4e65afc4e154e71d-22a7612a57ce0097:T=1666749269:S=ALNI_MZLYJv460ZRoZBW4DsELD6ClOCwJQ
.wtnzfox43.com/	1970-01-20 16:20:45	Name: __gpi Value: UID=00000b7870ff8555:T=1666749269:RT=1666749269:S=ALNI_MaCHSl1uyK0Erc1RimL6JCuuwqxEg
.adnxs.com/	1970-01-20 09:08:45	Name: uuid2 Value: 5120075266284778284
.casalemedia.com/	1970-01-20 15:44:45	Name: CMID Value: Y1iTVuu.hkMCSZOtllLuVAAA
.casalemedia.com/	1970-01-20 09:08:45	Name: CMPS Value: 1172
.casalemedia.com/	1970-01-20 09:08:45	Name: CMPRO Value: 1172
.adnxs.com/	1970-01-20 09:08:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVMr$jH7!]tbPl1M>e)ZlrFUfJ+tGXxpK?hzQc:Drve?hLDqFrR3ac=f8S[8/kTS*T]l3If)y3KL9D3I?+DNNRE1
.yahoo.com/	1970-01-20 15:45:06	Name: A3 Value: d=AQABBFeTWGMCEKfjbdVUhLl6SSu0Pl2ZmPYFEgEBAQHkWWNiYwAAAAAA_eMAAA&S=AQAAAuRZgfjpuhLe4bqAsYPXC_E
.w55c.net/	1970-01-20 16:29:23	Name: wfivefivec Value: vttPStW61ONvCL5
.adform.net/	1970-01-20 07:43:47	Name: C Value: 1
.bidswitch.net/	1970-01-20 15:44:45	Name: tuuid Value: c54209e8-97c1-4fdb-a4ef-0fe29aa20060
.bidswitch.net/	1970-01-20 15:44:45	Name: c Value: 1666749271
.bidswitch.net/	1970-01-20 15:44:45	Name: tuuid_lu Value: 1666749271
.analytics.yahoo.com/	1970-01-20 15:44:45	Name: IDSYNC Value: 18yx~27xd
.w55c.net/	1970-01-20 07:42:21	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 08:25:33	Name: uid Value: 8618146184455014343
.rfihub.com/	1970-01-20 16:20:45	Name: eud Value: H4sIAAAAAAAA_1vFwmtoZmZmbmJpZG5oYmEEAHhLp3IQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjazMDI0NzQwsBTiM9QttzD3yMqrssgL8PcBAPs5M3klAAAA
.rfihub.com/	1970-01-20 16:20:45	Name: rud Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjazMDI0NzQwsBTiM9QttzD3yMqrssgL8PcBAPs5M3klAAAA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ftpcontent6.worldnow.com/wrde/Derrick.css Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wtnz.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/wtnz.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js(Line 25) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://wtnz.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wtnz.images.worldnow.com/interface/js/WNVideo.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 111) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
bd815ac8cde2055ea3311f3654b2cd9b.safeframe.googlesyndication.com
c1.adform.net
cdn.cityspark.com
cdn.doubleverify.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
cntsyncont.images.worldnow.com
code.jquery.com
content.worldnow.com
csp.azureedge.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ftpcontent.worldnow.com
ftpcontent6.worldnow.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
maxcdn.bootstrapcdn.com
ngw-static.franklyinc.com
p.cityspark.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pm.w55c.net
prsubmitpresslifestyle.images.worldnow.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
stacker.images.worldnow.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
ups.analytics.yahoo.com
us-u.openx.net
wdfx.images.worldnow.com
wtnz.images.worldnow.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wtnzfox43.com
x.bidswitch.net
104.75.89.75
142.250.185.162
142.250.186.162
172.217.18.6
185.80.39.216
193.0.160.129
20.60.81.107
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::6812:27f7
2606:4700:4400::6812:2862
2606:4700:4400::ac40:939e
2606:4700:4400::ac40:948a
2606:4700:4400::ac40:94e4
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9d
2a02:26f0:1700:d::1737:6ea4
2a02:26f0:6c00::210:ba11
3.120.71.147
3.124.240.3
3.126.56.137
34.149.12.213
35.186.253.211
35.244.159.8
37.157.6.241
37.252.172.250
37.252.173.38
52.160.40.218
66.155.71.150
01d792866b302a1c7bbcdf6d7ac044de1e247f8443037121be757a4166d66ce7
05dda2cb47317201eb228289f1316b7aa3803e8441a2a1d1d0374e4d52ebe642
065e8b1a2b6a14b59d6e142d6696552c2fc53a62fefc44c34c8aa1c4e1c2633b
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
09061c6edd1088f5c30cc04c0a845762619c6407a339010738e6858486009435
09245aefdc0f18ce1293408d3d9a12a4613732e0175cb82432af2d7369c58acf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d98695088c9aa468d4a0b44430109d7db5776940169ec99275238675dc593e7
0fd92c1c1805add3f2e4b63143249fc816ee8085c465eb984141acf13cc60c90
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
131acd182ba974b74aa63c4723fe89fe1498494ca6652a3d86c5b2bd274addc3
18fa38e6390e8fb8ffcba6769a82e79dc8651e7caf24470ff5d88be5040ea4ea
1c2e77bbcc2e76d4102450142ed2628537c5aeabb587074413177dc4d78c7370
1c6dce761e72309f05b20d64d404ca9798d126f01de528969d0b37f546bcd319
22914c9c8272747308b2007c2c503aba865f7f05b81be326ed90f5b888df9fd2
2458a27f0a0db737b6409d8219566d92690d94544bdc512b50cbcac4e1913339
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
296461b633e7a0252ed0f8dcce695fd21336593dc55f108d6cb29f605e39e1e3
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cad672c165dfff15dfb40f6d2711d0071566a5a5894dae0beba5d1f30819b71
2e36582522feed3f46a5d91422cf6074ca28d81e5c8e36316eb7185fd071f49f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
340ab57d29d11c88e0325d87bcc96681eb96fd206187d81c21f65fe369c99d2c
3435b89855d83510f5b3dcc3d0bfe4d8b7848a76c218d939fa4cbcc43d004f02
37b44dbe703be939b91a06b44e66fbbf69a357ab6c6f2617375041e0075870d1
38ddc763f362ec861248b814820095bc3feb499f5f684251b4a85d4ad3cfeee4
39391ef393928883c636aec639c7951302bce1862e24b5e80d2d729f25d0c6bb
3c8607f98a261f6241e6190d0e6d562d6ab86b03dc42244d18db1de553285f79
3d5ef5208fc3f2d69568af5bc061bacac841da199c81e78e43692f73f21a8bd4
40aa0e322fa316e3288d2f6156508eb903a0dd75f2b55bb85a3c566af06a5ace
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4a13ff1bc382c3542e9cc1e6ef0a51a45f7b7ebec20083142b19fe771ea4f25e
4a2c2ea5065da01756d3890c77cfb78a8efc9ff5fff002ef58d7af9e5640deb9
4b0be9a22de354f6038ecc67fa0c41fe46089d3a343d787b5a9f225f0aef9731
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4d45fdd380c77993c21d53f91081164c1ed5a4476f7fe346cfbb5b57db660ec2
4dea6b42ca09febdeb728c377fa90f6adb3f4afa92ef00d7ca6f3bbc095fafc7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785
4f4dd861caf045902d5ee18d4c5203ead44fac6f13bc2c2b79cf87ec6b80b167
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
52538888302d08b9114a03db87f7009796143758b9aab538ec94bb064203c734
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ad9ab0634909d4d9ff66ad340b6a14ca2f3d76120e02d73f37a196598877d71
5fd323d8762bfe107930a69fab5d99df2b9eb7fcf1e266bfc801113a0d4d9620
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e3a2fbda2801e791779eca0821cb7de5621a0a7788d11dc2160e1658af3885
6246ffa8b155104fe868b8695385b69fb02fe0dd7491faf4caad7fa5cce3cc52
63f144c4faf434bfe66e01058d20974e19961adab4808beaaf9735871e930d4e
640df844e66ad8f2c4d75663b116f8215e878ac03e6be793dac3354126178377
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c33ab3251f254d347bf92d9f5a74b97dbe8fe2fe45cc892db3071c3e51c2218
70f42cd797758be59e0ba2c63448e9011dc996216954aaf1c762c9fa51e9efb2
78fa9037e398601d72e3bd5c10f5086df33636072ba89e007c3403149f5f1480
7cee747e2a0da7a87f0af6e3421959a71c107013d69fa1b464b0bc59909bc5d6
7d6396255369987f962fe3c3a7e2e19c73093c196a87f998333cbfcd6b5236d4
804f4da38e3688f66a21df5aef645a12677f9e3c9967891dd61e3e72967b465e
80bb8d623b7fd73ff06dee085de8a8b4924a3687e42de3e921757c38a24beb70
821964a0d99050d0b691ce653a50cf71f5261851a94920e8ec2e88b451459f13
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8606e94137a3d18d44fd91d59b1bfe8b15907885e8de54a022cd3179f04130bf
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
880018f8aba42ac1bb2cc5967f657b50d600f1cba4b91e02aef0a64e1e041bd5
899d35504523d3da482963a26a700f380cf32fdca4e5d0aaffc2ac8688c726cb
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a2fc60091c50cbed19d697ea916e905d4c9174050ff6af1930b6ba87b65621b
8a9df8b55d32f00a6158e117f1bf8d9d3a9258fec5001c26c089f8c484830c40
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b217a661aef3ebd5523ba703627c5c10d1766e43093bf84ff9ad0010bc4300d
8ba72f5cf472a375a0ea6b22844849ac07020de94ac09ab1eef4dbfd323cb030
91020ed5f440c5b6143d89d9c1e3da9135cfaa3fb441eb9192c5bde56c298ad9
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97cdd25c99fffed33f4405aac265224d8d63bdb11b7879aec6db3a89a2316ded
9968e34bb5ed5d461966698b8b868be2ec2aa4476d9794ae9848a861fc34c7bf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c714279e82caf70e5630a5cc18b98f7c43a79570bae0d8ed9c806d356e8d1ed
9dae67f95dd7f1b43b4ebafdb182f27d937f6c59f7fe012c946e214d54500069
9dcf7695a8fe04a4b1bf2dce9f04b937223c29b809b6a882586ba2d01428d71a
9e0f7adb2e720c4eca88f6c351e7a475c66183b6cc2e858db6fc7e42c4bb220d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0aefed17f3898a496e814187ce47a0ce5bc44c1df5ec0cc817a49957d40269c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e4f18402de8bc6a29c6cad718d72f69f5bb14926c461aa51276d69f2a2715a
a4fa342f34a92e366ecf2cac6b1f18d8799c44effe9504766c900b227a653dc4
a6d9938e7a9a011bf288df644ac7987890b9f196e7e9548003ee84564e19d575
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7993d2d8d1e84feef5eaa4d8c9dcbc44367875122baa1b6760d9150711f4577
a975ed5a70fb131883fd1ec66ed577c5e07b8e2cd14bdc540d4abc7ab879019e
a994d8788ddbdc30d69ffbbacbe91e05b5f1fcc463975dd736d408c7e8536ebf
a99e110c12b1a25a2ea4e9f5e13252c2c9152cc4f3386c4d9b0465f25c261024
aa0ccaba675641f9abc062856948bd428eb1c921045054f0eddb3ab0a1136ab1
ad5befcda38c3d70681342c7daf53e34a107982fcd8f5b1dcbba00b973a07fe4
ad9ee28660fa02b5d374001dcd8e48e1bf54e68ef675df49d16db0970cee81db
ae21801303b5c54d5b9edc86c4b793f49154c10370b1748d55e571da8c1834bf
b05c8c30004325bfefcec348b8704b922992270a0f4c95a01a32e36b9fac4ce4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
b92939169856426f79aa6284a7c4fbacfc37beabf9db16fad3c26c927f1e2ca3
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
be107799467154e190af21d49d9c49fd90d6addec4eecbb2205b170906a39222
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c145b7e2b907c7eaa938560a06f9074acada5ada4108d75671a5c6280750596f
c1dfdf1d75708eb87a6ec32249489c199a6fc2626ce6f32d79a0f61ba40813ff
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c652c3a9ba7b2a2f8b258f3a7b838fdc9c9bd468c3c440ecaaf5a985afdf26a5
c816f2ae640d0c61915f21b63cd4b034515f7c32a3c51faa6f3cb0438458cd26
c904883fc3bdccf64367844e4a7d357485cdc98c441fcac5b40b03ee3b05c3fd
ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167
ccf37da88c15002545387b804f0177b743796aa61bbe808d176b13b8ced3cce1
cd5cb01f654a740a26942107c8bb0a2cbb42735353acd68f180295d3ba4f8d90
cf1c90e0a85488caa38447e62d3a3dd7811963fb83ac7bd2ad0a9d04d8a7bbc9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d419cccf5c9dd96368919e7526da90913b9f3bff11dc4e0c43010e6282ae0fdd
dc33f480058b9a47dd95d196a54b95ea6f259eb1aa4c60189569f2b368b726a3
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e436a334295bae90d709c74b9dc308aeea59caea23cc6a8d034f50bc7fd67688
e4cae24bc1a8643ec77317e60407b95333dc7dac134336f718a9549d07e65acf
e79f020cc59ca8790cd2e0c3d43440fdfd1f6a6fb6b3e51d4847e62a3d862b31
e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
eb34f457eb1450647f33550f34d9d923bd84c951cd29ed054dc971c9504df650
ebf72f7948955e7aff392cf018875ddc4e4c3420037e18f54e483b652d206bd4
ec0cf7c1797e6534470bccea76daf1e0b8d07fb96cec70a1ccafda988ecef29e
ec0e3f92110fca6618d2ceac26bbdf5f422291246d34c5fe3a628995e0af0925
ee5cd4d7546e818f0ce9229dbc7b1cc82f25611fa60c5ad26cdf8e6e7195a418
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef433318964493c3633452d864bd04c3ba138cde3cc448f5a67e6309dc405406
f0e49738dac457f1c0b1b906c96da239b5b2361e4318a31b401487ac1dd89077
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f30cdb7a1767a93042d5e87403201bb987f61d7c1eb6d567ffe44ff7a33ab496
f37e4e6e6b13556ed18c7cc556a3053f3a9176f26f746757da47a4fd1ea903cb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c9d4b166ecdc203c4b8bbcf475f98d4dd9fa94dde35d2e40389ddcb5c6a3ba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f512135d32bd17b2662ea6e36a3e5ed0ee338a9d54bd0294e2a543d95214fe
f84075094722379c5166b269b0cb0663503923b9433c944d31958a92caa1c48d
fb270ebd7674e1ef22e11c676f79e755154bc6b4f3ceff2fbdbabe3ccc4f301d
fbbfef54b7356d5976be2578760874b170b4fcbed606288da533c60e173e2e2b
fd9e6438825cf79e52a216abe1a0998abd4671073f5280016547b66dd873c889
fdde589a6fe11353d5aa27149892a0eb2364235c57b59be008cfc9fdabb4ae08

www.wtnzfox43.com Open in urlscan Pro 2606:4700:4400::6812:27f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

209 Requests

95 %HTTPS

60 %IPv6

30 Domains

52 Subdomains

40 IPs

7 Countries

5894 kBTransfer

15249 kBSize

28 Cookies

10 Outgoing links

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wtnzfox43.com Open in urlscan Pro
2606:4700:4400::6812:27f7 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

95 %
HTTPS

60 %
IPv6

30
Domains

52
Subdomains

40
IPs

7
Countries

5894 kB
Transfer

15249 kB
Size

28
Cookies

209 HTTP transactions
5 data transactions